CN110098921A - Verification code generation method, device, application service end and system - Google Patents
Verification code generation method, device, application service end and system Download PDFInfo
- Publication number
- CN110098921A CN110098921A CN201810088412.3A CN201810088412A CN110098921A CN 110098921 A CN110098921 A CN 110098921A CN 201810088412 A CN201810088412 A CN 201810088412A CN 110098921 A CN110098921 A CN 110098921A
- Authority
- CN
- China
- Prior art keywords
- identifying code
- generating means
- application service
- service end
- sent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012795 verification Methods 0.000 title claims abstract description 52
- 238000000034 method Methods 0.000 title claims abstract description 41
- 230000005540 biological transmission Effects 0.000 claims description 16
- 238000012937 correction Methods 0.000 claims description 11
- 238000004590 computer program Methods 0.000 claims description 7
- 238000012360 testing method Methods 0.000 claims description 6
- 238000012790 confirmation Methods 0.000 claims description 5
- 238000012423 maintenance Methods 0.000 abstract description 10
- 239000000463 material Substances 0.000 abstract description 7
- 238000005516 engineering process Methods 0.000 abstract description 2
- 230000006870 function Effects 0.000 description 16
- 238000010586 diagram Methods 0.000 description 15
- 230000006854 communication Effects 0.000 description 6
- 238000004891 communication Methods 0.000 description 5
- 238000012544 monitoring process Methods 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 238000004364 calculation method Methods 0.000 description 3
- 238000010276 construction Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000003993 interaction Effects 0.000 description 2
- 230000005291 magnetic effect Effects 0.000 description 2
- 230000008569 process Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 238000004422 calculation algorithm Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 210000003127 knee Anatomy 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000001960 triggered effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/067—Network architectures or network communication protocols for network security for supporting key management in a packet data network using one-time keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/321—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
- H04L9/3213—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority using tickets or tokens, e.g. Kerberos
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3297—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Telephonic Communication Services (AREA)
Abstract
The invention discloses a kind of verification code generation method, device, application service end and systems, are related to field of computer technology.Wherein, this method comprises: application service end is after receiving the identifying code demand information of applications client, identifying code acquisition request is sent to identifying code generating means;Identifying code generating means generate identifying code after receiving the identifying code acquisition request, and the identifying code is sent to the application service end.By above step, identifying code not only it had been able to satisfy and has generated demand, but also without realizing a set of logic for generating identifying code at each application service end, saved a large amount of manpower and material resources cost, improve the maintenance efficiency of verifying logic.
Description
Technical field
The present invention relates to field of computer technology more particularly to a kind of verification code generation method, device, application service end and
System.
Background technique
Currently, many application scenarios of APP (application software) can all be related to subscriber authentication.For example it logging in APP, looking into
It askes under the scenes such as bill, Modify password, needs to obtain identifying code to complete the verifying of user identity.
In the prior art, identifying code is often generated by application service end, then by application service end by the identifying code
User is issued in a manner of short message or Email (Email).
In realizing process of the present invention, at least there are the following problems in the prior art for inventor's discovery: in view of to mobile phone
Or Email sends identifying code can be related to problem of data safety, therefore current most of application service ends oneself can all realize it is a set of
Generate, send the function logic of identifying code.If logic a set of in this way is realized at each application service end, repeated work will lead to
Very much, safeguard that manpower and material resources cost consumed by verifying logic is big and maintenance efficiency is not high.
Summary of the invention
In view of this, the present invention provides a kind of verification code generation method, device, application service end and system, both it was able to satisfy
Identifying code generates demand, and without realizing a set of logic for generating identifying code at each application service end, saves a large amount of people
Power material resources cost, improves the maintenance efficiency of verifying logic.
To achieve the above object, according to the first aspect of the invention, a kind of verification code generation method is provided.
Verification code generation method of the invention includes: application service end in the verifying code requirement letter for receiving applications client
After breath, identifying code acquisition request is sent to identifying code generating means;Identifying code generating means are receiving the identifying code
After acquisition request, identifying code is generated, and the identifying code is sent to the application service end.
Optionally, the method also includes: identifying code generating means after receiving the identifying code acquisition request, also
Current operation mark is generated, and current operation mark is sent to application service end.
Optionally, the identifying code acquisition request includes: cell-phone number or email address and applications client address;Institute
State method further include: after the step of generation identifying code and the generation current operation identify, identifying code generating means
The identifying code is sent to user according to the cell-phone number or the email address, identifying code generating means are according to the application
Current operation mark is sent to the applications client by client address.
Optionally, the method also includes: before the generation identifying code the step of, identifying code generating means are to described
Identifying code acquisition request is verified, and confirms that verification passes through.
Optionally, the current operation mark includes token;And identifying code generating means generate institute according to such as under type
It states token: generating timestamp and random number;The entirety being made of timestamp and random number is encrypted, and encrypted result is made
For the token.
To achieve the above object, according to the second aspect of the invention, a kind of identifying code generating means are provided.
Identifying code generating means of the invention include: receiving module, and the identifying code for receiving application service end, which obtains, asks
It asks;Generation module, for generating identifying code;Sending module, for the identifying code to be sent to the application service end;Its
In, the identifying code acquisition request be the application service end the identifying code demand information for receiving applications client it is rear to
What identifying code generating means were sent.
Optionally, the generation module is also used to generate current operation mark;The sending module is also used to work as described
Preceding operation mark is sent to the application service end.
Optionally, the identifying code acquisition request includes: cell-phone number or email address and applications client address;Institute
It states sending module to be also used to that the identifying code is sent to user according to the cell-phone number or the email address, and according to institute
It states applications client address and current operation mark is sent to the applications client.
Optionally, described device further include: correction verification module is used for before the generation module generates identifying code, to institute
It states identifying code acquisition request to be verified, and confirms that verification passes through.
Optionally, the current operation mark includes token;The generation module is also used to generate institute according to such as under type
State token: the generation module generates timestamp and random number;The generation module is whole to being made of timestamp and random number
Body is encrypted, and using encrypted result as the token.
To achieve the above object, according to the third aspect of the invention we, a kind of application service end is provided.
Application service end of the invention includes: sending module, in the verifying code requirement letter for receiving applications client
After breath, identifying code acquisition request is sent to identifying code generating means;Receiving module is returned for receiving identifying code generating means
The identifying code returned;Wherein, the identifying code is identifying code generating means after passing through to identifying code acquisition request verification
It generates.
Optionally, the receiving module is also used to receive the current operation mark of identifying code generating means return.
Optionally, the receiving module is also used to receive the identifying code and current operation mark of applications client transmission;Institute
State application service end further include: correction verification module, for requesting it in the verifying code check for receiving the applications client transmission
Afterwards, identifying code and the current operation mark returned according to the identifying code generating means verifies it.
To achieve the above object, according to the fourth aspect of the invention, a kind of verifying system is provided.
Verifying system of the invention includes: application service end, in the verifying code requirement letter for receiving applications client
After breath, identifying code acquisition request is sent to identifying code generating means;Identifying code generating means, for receiving described test
After demonstrate,proving code acquisition request, identifying code is generated, and the identifying code is sent to the application service end.
Optionally, the identifying code generating means are also used to after receiving the identifying code acquisition request, and generation is worked as
Preceding operation mark, and current operation mark is sent to the application service end.
Optionally, the identifying code acquisition request includes: cell-phone number or email address and applications client address;Institute
Identifying code generating means are stated to be also used to that identifying code is sent to user according to the cell-phone number or the email address, and according to
Current operation mark is sent to applications client by the applications client address;The application service end is also used to receiving
To the applications client send verifying code check request after, according to the identifying code generating means send identifying code and
Current operation mark verifies it.
To achieve the above object, according to the fifth aspect of the invention, a kind of electronic equipment is provided.
Electronic equipment of the invention, comprising: one or more processors;And storage device, for storing one or more
A program;When one or more of programs are executed by one or more of processors, so that one or more of processing
Device realizes verification code generation method of the invention.
To achieve the above object, according to the sixth aspect of the invention, a kind of computer-readable medium is provided.
Computer-readable medium of the invention is stored thereon with computer program, real when described program is executed by processor
Existing verification code generation method of the invention.
One embodiment in foregoing invention has the following advantages that or the utility model has the advantages that is answered by application service end receiving
After the identifying code demand information of client, identifying code acquisition request is sent to identifying code generating means;Pass through identifying code
Generating means generate identifying code after receiving the identifying code acquisition request, and the identifying code is sent to the application
Server-side and etc., it had not only been able to satisfy identifying code and has generated demand, but also without realizing a set of generation identifying code at each application service end
Logic, save a large amount of manpower and material resources cost, improve the maintenance efficiency of verifying logic.
Further effect possessed by above-mentioned non-usual optional way adds hereinafter in conjunction with specific embodiment
With explanation.
Detailed description of the invention
Attached drawing for a better understanding of the present invention, does not constitute an undue limitation on the present invention.Wherein:
Fig. 1 is the key step schematic diagram of verification code generation method according to an embodiment of the invention;
Fig. 2 is the key step schematic diagram of verification code generation method according to another embodiment of the present invention;
Fig. 3 is the main modular schematic diagram of identifying code generating means according to an embodiment of the invention;
Fig. 4 is the main modular schematic diagram of identifying code generating means according to another embodiment of the present invention;
Fig. 5 is the main composition schematic diagram of verifying system according to an embodiment of the invention;
Fig. 6 is that the embodiment of the present invention can be applied to exemplary system architecture figure therein;
Fig. 7 is adapted for the structural schematic diagram for the computer system for realizing the electronic equipment of the embodiment of the present invention.
Specific embodiment
Below in conjunction with attached drawing, an exemplary embodiment of the present invention will be described, including the various of the embodiment of the present invention
Details should think them only exemplary to help understanding.Therefore, those of ordinary skill in the art should recognize
It arrives, it can be with various changes and modifications are made to the embodiments described herein, without departing from scope and spirit of the present invention.Together
Sample, for clarity and conciseness, descriptions of well-known functions and structures are omitted from the following description.
It should be pointed out that in the absence of conflict, the feature in embodiment and embodiment in the present invention can be with
It is combined with each other.
Fig. 1 is the key step schematic diagram of verification code generation method according to an embodiment of the invention.As shown in Figure 1,
The verification code generation method of the embodiment of the present invention includes:
Step S101, identifying code is obtained after receiving the identifying code demand information of applications client in application service end
Request is taken to be sent to identifying code generating means.
Wherein, the applications client can be APP, or the Web application based on browser.When it is implemented,
It includes verifying code requirement that applications client, which can be sent after the verifying code requirement event for monitoring user's triggering to application service end,
The request of information.Application service end produces identifying code acquisition and asks after receiving the request including identifying code demand information
It asks, and the identifying code acquisition request is sent to identifying code generating means.
Step S102, identifying code generating means generate identifying code after receiving the identifying code acquisition request, and will
The identifying code is sent to the application service end.
Wherein, the identifying code can be the random number that identifying code generating means are generated by random function.
In embodiments of the present invention, it had not only been able to satisfy identifying code by above step and has generated demand, but also without in each application
Server-side realizes a set of logic for generating identifying code, saves a large amount of manpower and material resources cost, improves the maintenance of verifying logic
Efficiency.
Fig. 2 is the key step schematic diagram of verification code generation method according to another embodiment of the present invention.As shown in Fig. 2,
The verification code generation method of the embodiment of the present invention includes:
Step S201, identifying code is obtained after receiving the identifying code demand information of applications client in application service end
Request is taken to be sent to identifying code generating means.
Wherein, the applications client can be APP.When it is implemented, applications client can be triggered monitoring user
Verifying code requirement event after to application service end send request.The request includes: identifying code demand information.Application service end exists
After receiving the identifying code demand information, the identifying code acquisition request of generation is sent to identifying code generating means.
Step S202, identifying code generating means verify the identifying code acquisition request.If verification passes through, step is executed
Rapid S204;Otherwise, step S203 is executed.
Wherein, the identifying code acquisition request may include application service end registration code.In addition, the identifying code acquisition request
It may also include that cell-phone number or email address and the applications client address of user.
Specifically, step S202 can include: identifying code generating means take according to the application in the identifying code acquisition request
Business end registration code inquires Registry;If the application service end registration code in the identifying code acquisition request is present in the note
In volume information table, then the identifying code acquisition request verification passes through, and then executes step S204;Otherwise, step S204 is executed.
When it is implemented, identifying code generating means can generate application service end previously according to the registration information at application service end
Registration code, and the application service end registration code of generation is summarized into Registry, in order to according to the Registry pair
Identifying code acquisition request is verified.Wherein, the registration information may include application service end title, domain name, calling frequency etc.
Information;The random number that application service end registration code can be stored in the form of key assignments for one.
Step S203, identifying code generating means refuse the identifying code acquisition request.
Step S204, identifying code generating means generate identifying code and current operation mark.
Wherein, the current operation mark is for indicating current operation event.Illustratively, the current operation mark can
Think token (Token).Token be it is a kind of can control site occupy the special frames of media, with distinguishes data frame and other controls
Frame.
In embodiments of the present invention, identifying code generating means can be according to the token as described in generating under type: generating timestamp
And random number;Whole progress md5 encryption to being made of timestamp and random number, and using encrypted result as the token.Tool
When body is implemented, identifying code generating means can generate the timestamp by " System.currentTimeMillis " method.Separately
Outside, the identifying code can also be the random number that identifying code generating means are generated by random function.
Step S205, the identifying code and current operation mark are sent to application service end by identifying code generating means;It tests
It demonstrate,proves code generating means and identifying code is sent to by user according to cell-phone number or email address, will be worked as according to the applications client address
Preceding operation mark is sent to applications client.
In embodiments of the present invention, the function of sending identifying code to user mobile phone number is realized by step S205, is not necessarily to
The participation at application service end considerably reduces the construction amount and maintenance of Short Message Service Gateway.
In embodiments of the present invention, identifying code generation, transmission demand can be met by above step safe and efficiently, again
Without realizing a set of logic for generating, sending identifying code at each application service end, so that application service end is without being concerned about verifying
The generation and transmission work of code, save a large amount of workload.In addition, being sent by identifying code generating means to applications client
The short message for carrying identifying code greatly reduces the construction amount and maintenance of Short Message Service Gateway without the participation at application service end.
Further, on the basis of embodiment shown in Fig. 2, the present invention also provides a kind of verification methods.The present invention is implemented
The verification method of example includes: step S201 to step S205, and the following steps after step S205:
Step S206, applications client will verify code check request and be sent to application service end.
Wherein, the verifying code check request packet includes: the identifying code and applications client of user's input are generated from identifying code
The current operation mark that device receives.
Step S207, receive applications client transmission verifying code check request after, application service end according to from
Identifying code and the current operation mark that identifying code generating means receive verify it.
For the ease of distinguishing, application service can be terminated to identifying code receive and from identifying code sending device and worked as
Preceding operation mark is known as: application service is terminated receiving and carrys out self-application visitor by the first identifying code and the first current operation mark
Identifying code and the current operation mark at family end are known as: the second identifying code and the second current operation mark.
Specifically, in step S207, the second current operation mark and the first current operation mark are compared in application service end
It is whether consistent.If the second current operation mark and the first current operation mark are inconsistent, code check request is verified illegally, verification
Do not pass through.If the second current operation mark is consistent with the first current operation mark, then compares the second identifying code and the first identifying code
It is whether consistent.If the second identifying code and the first identifying code are consistent, verify code check and pass through;Otherwise, verifying code check does not pass through.
Verification method through the embodiment of the present invention can meet identifying code safe and efficiently and generate, sends, verify need
It asks, and without realizing a set of logic for generating, sending identifying code at each application service end, so that application service end is without being concerned about
The generation and transmission work of identifying code, save a large amount of workload.
Fig. 3 is the main modular schematic diagram of identifying code generating means according to an embodiment of the invention.As shown in figure 3,
The identifying code generating means 300 of the embodiment of the present invention include: receiving module 301, generation module 302, sending module 303.
Receiving module 301, for receiving the identifying code acquisition request of application service end transmission.
Wherein, the identifying code acquisition request is the application service end in the verifying code requirement for receiving applications client
After information, sent to identifying code generating means.The applications client can be APP, or based on browser
Web application.When it is implemented, applications client can be after the verifying code requirement event for monitoring user's triggering to application service end
Send the request including identifying code demand information.Application service end after receiving the request including identifying code demand information,
Identifying code acquisition request is produced, and the identifying code acquisition request is sent to identifying code generating means 300.
Generation module 302, for generating identifying code.Wherein, the identifying code can be generation module 302 by random letter
The random number that number generates.
Sending module 303, for the identifying code to be sent to application service end.
In embodiments of the present invention, demand is generated and in each application by the way that identifying code can be met with upper module
Server-side realizes a set of logic for generating identifying code, saves a large amount of manpower and material resources cost, improves the maintenance of verifying logic
Efficiency.
Fig. 4 is the main modular schematic diagram of identifying code generating means according to another embodiment of the present invention.As shown in figure 4,
The identifying code generating means 400 of the embodiment of the present invention include: receiving module 401, correction verification module 402, generation module 403, send
Module 404.
Receiving module 401, for receiving the identifying code acquisition request of application service end transmission.
Wherein, the identifying code acquisition request is the application service end in the verifying code requirement for receiving applications client
After information, sent to identifying code generating means.The applications client can be APP.When it is implemented, applications client
It can send and request to application service end after the verifying code requirement event for monitoring user's triggering.The request includes: that identifying code needs
Seek information.The identifying code acquisition request of generation is sent to and tests after receiving the identifying code demand information by application service end
Demonstrate,prove code generating means.
Correction verification module 402, for being verified to the identifying code acquisition request.
Wherein, the identifying code acquisition request can include: application service end registration code.Illustratively, correction verification module 402 is right
The identifying code acquisition request is verified can include: correction verification module 402 takes according to the application in the identifying code acquisition request
Business end registration code inquires Registry;If application service end registration code is present in the Registry, verify
Module 402 confirms that the identifying code acquisition request verification passes through, and then calls generation module 403;If the application service end note
Volume code is not present in the Registry, then correction verification module 402 confirms that the identifying code acquisition request verification does not pass through, into
And it is rejected by the identifying code acquisition request.
Generation module 403, in the case where identifying code acquisition request verification passes through, generating identifying code and current
Operation mark.
Wherein, the current operation mark is for indicating current operation event.Illustratively, the current operation mark can
Think token (Token).Token be it is a kind of can control site occupy the special frames of media, with distinguishes data frame and other controls
Frame.When it is implemented, in view of the timeliness of identifying code and the diversity of APP type, by generating current operation mark,
It can preferably identify certain primary verifying code requirement, the verification event of some APP.
Illustratively, generation module 403 can be according to the token as described in generating under type: generation module 403 generates timestamp
And random number;Generation module 403 encrypts the entirety being made of timestamp and random number, and described in encrypted result is used as
Token.When it is implemented, MD5 (Message Digest Algorithm 5) encryption or other cipher modes can be used in generation module 403
The entirety being made of timestamp and random number is encrypted.In addition, the identifying code can also pass through at random for generation module 403
The random number that function generates.
Sending module 404, for the identifying code and current operation mark to be sent to the application service end.
Wherein, the identifying code acquisition request may also include that the cell-phone number or email address and applications client of user
Address.Further, sending module 404 can also be used to be sent to the identifying code according to the cell-phone number or the email address
User, and the current operation is identified by (such as token) according to the applications client address and is sent to applications client.
The identifying code generating means 400 of the embodiment of the present invention can meet identifying code safe and efficiently and generate demand.Into one
Step saves a large amount of manpower and material resources cost due to the logic without realizing a set of generation identifying code at each application service end,
Improve the maintenance efficiency of verifying logic.In addition, by correction verification module to application server-side send identifying code acquisition request into
Row verification, can be improved the safety of identifying code generating means.
In addition, the present invention also provides a kind of application service ends.The application service end of the embodiment of the present invention includes: transmission mould
Block, receiving module.
Sending module, for after receiving the identifying code demand information of applications client, by identifying code acquisition request
It is sent to identifying code generating means.
Receiving module, for receiving the identifying code and current operation mark of the return of identifying code generating means.Wherein, described to test
Card code is that identifying code generating means generate after to identifying code acquisition request verification.And the reception mould
Block is also used to receive the identifying code and current operation mark of applications client transmission.
Further, the application service end of the embodiment of the present invention further include: correction verification module, for receiving the application visitor
After the verifying code check request that family end is sent, the identifying code and current operation returned according to the identifying code generating means is identified
It is verified.
In embodiments of the present invention, the identifying code generating means general by flexible configuration, so that application service end is not necessarily to
It is concerned about the generation of identifying code and sends work, saves a large amount of workload.
Fig. 5 is the main composition schematic diagram of verifying system according to an embodiment of the invention.As shown in figure 5, of the invention
The verifying system 500 of embodiment includes: application service end 501, identifying code generating means 502.
Application service end 501, for after receiving the identifying code demand information of applications client, identifying code to be obtained
Request is sent to identifying code generating means 502.
Wherein, applications client can be APP.When it is implemented, applications client can monitor testing for user's triggering
It is requested after demonstrate,proving code requirement event to the transmission of application service end 501.The request includes: identifying code demand information.Application service end 501
After receiving the identifying code demand information, the identifying code acquisition request of generation is sent to identifying code generating means 502.
Identifying code generating means 502, for being verified to the identifying code acquisition request.
Wherein, the identifying code acquisition request can include: application service end registration code, applications client address and user hand
Machine number.In addition, the user mobile phone number can also be substituted for subscriber mailbox address.
Specifically, it includes: that identifying code generates dress that identifying code generating means 502, which carry out verification to the identifying code acquisition request,
It sets 502 and Registry is inquired according to the application service end registration code in the identifying code acquisition request;If the identifying code obtains
The application service end registration code in request is taken to be present in the Registry, then identifying code generating means 502 confirm described
The verification of identifying code acquisition request passes through;Otherwise, identifying code generating means 502 confirm that the identifying code acquisition request verification is not led to
It crosses.
Identifying code generating means 502 are also used to generate verifying in the case where the identifying code acquisition request verifies and passes through
Code and current operation mark, and identifying code and current operation mark are sent to application service end 501.
Wherein, the current operation mark can be token.In embodiments of the present invention, identifying code generating means 502 can
According to the token as described in generating under type: generating timestamp and random number;The entirety being made of timestamp and random number is carried out
Md5 encryption, and using encrypted result as the token.In addition, the identifying code can also be random to be generated by random function
Number.
Further, identifying code generating means 502 are also used to that identifying code is sent to user according to the cell-phone number, according to institute
It states applications client address and current operation mark is sent to applications client.
Application service end 501 be also used to receive applications client transmission verifying code check request after, according to from
Identifying code and the current operation mark that identifying code generating means receive verify it.
Wherein, the verifying code check request packet includes: the identifying code and applications client of user's input are generated from identifying code
The current operation mark that device receives.For the ease of distinguish, it is application service end 501 being received and from identifying code send out
The identifying code and current operation mark for sending device are known as: the first identifying code and the first current operation mark, by application service end 501
Identifying code receive and from applications client and current operation mark are known as: the second identifying code and the second current operation
Mark.
Specifically, application service end 501 is according to identifying code and the current operation mark pair received from identifying code generating means
It carries out verification include: application service end 501 compare the second current operation mark identified whether with the first current operation it is consistent.If
Second current operation mark and the first current operation mark are inconsistent, then the confirmation of application service end 501 verifies code check request not
Legal, verification does not pass through.If the second current operation mark is consistent with the first current operation mark, application service end 501 is compared again
It is whether consistent compared with the second identifying code and the first identifying code.If the second identifying code and the first identifying code are consistent, application service end 501
Confirmation verifying code check passes through;Otherwise, the confirmation of application service end 501 verifying code check does not pass through.
The verifying system of the embodiment of the present invention, can meet safe and efficiently identifying code generate, transmission demand and
A set of logic for generating, sending identifying code is realized at each application service end, so that application service end is without being concerned about identifying code
Work is generated and sent, a large amount of workload is saved.In addition, voluntarily configuring short message sending function by identifying code generating means
Or e-mail transmitting function greatly reduces the construction amount and maintenance of Short Message Service Gateway without the participation at application service end.In addition,
It is generated since identifying code generating means are only used as an identifying code, the middleware system of forwarding, it is relevant to business without saving
Data had not only met demand of the business to identifying code is obtained, but also avoided the problem that leaking data occurs as far as possible.
Fig. 6 shows the exemplary of the verification code generation method or identifying code generating means that can apply the embodiment of the present invention
System architecture 600.
As shown in fig. 6, system architecture 600 may include terminal device 601,602,603, network 604, application server
605 and identifying code generate server 606.Network 604 is in terminal device 601,602,603 and application server 605, verifying
Code, which generates, provides the medium of communication link between server 606.Network 604 may include various connection types, such as wired, nothing
Line communication link or fiber optic cables etc..
User can be used terminal device 601,602,603 and be interacted by network 604 with application server 605, to receive
Or send message etc..Various telecommunication customer end applications can be installed, such as shopping class is answered on terminal device 601,602,603
With, web browser applications, searching class application, instant messaging tools, mailbox client, social platform software etc..
Terminal device 601,602,603 can be the various electronic equipments with display screen and supported web page browsing, packet
Include but be not limited to smart phone, tablet computer, pocket computer on knee and desktop computer etc..
Application server 605 can be to provide the server of various services, for example, to user using terminal device 601,
602, the 603 shopping class websites browsed provide the back-stage management server supported.Back-stage management server can with terminal device,
Identifying code generates the interaction of server 606.Illustratively, back-stage management server can be in the verifying for receiving terminal device transmission
After code requirement information, identifying code acquisition request is sent to identifying code and generates server 606, and receives identifying code and generates clothes
The identifying code and current operation mark that business device 606 is sent.Back-stage management server can also receive terminal device transmission
After identifying code and current operation mark, the identifying code and current operation mark pair that server 606 is sent are generated according to identifying code
It is verified, and check results are fed back to terminal device.
Identifying code, which generates server 606, can be to provide the server that identifying code generates service, can be with application server
605 interactions.Further, identifying code, which generates server, can also send data to terminal device.
It is held it should be noted that verification code generation method provided by the present invention generally generates server 606 by identifying code
Row.Correspondingly, identifying code generating means are generally positioned at identifying code and generate in server 606.
It should be understood that the terminal device, network and application server, identifying code in Fig. 6 generate the number of server only
It is schematical.According to needs are realized, it is raw to can have any number of terminal device, network, application server and identifying code
At server.
Fig. 7 shows the structural representation for being suitable for the computer system 700 for the electronic equipment for being used to realize the embodiment of the present invention
Figure.Computer system shown in Fig. 7 is only an example, should not function to the embodiment of the present invention and use scope bring and appoint
What is limited.
As shown in fig. 7, computer system 700 includes central processing unit (CPU) 701, it can be read-only according to being stored in
Program in memory (ROM) 702 or be loaded into the program in random access storage device (RAM) 703 from storage section 708 and
Execute various movements appropriate and processing.In RAM 703, also it is stored with system 700 and operates required various programs and data.
CPU 701, ROM 702 and RAM 703 are connected with each other by bus 704.Input/output (I/O) interface 705 is also connected to always
Line 704.
I/O interface 705 is connected to lower component: the importation 706 including keyboard, mouse etc.;It is penetrated including such as cathode
The output par, c 707 of spool (CRT), liquid crystal display (LCD) etc. and loudspeaker etc.;Storage section 708 including hard disk etc.;
And the communications portion 709 of the network interface card including LAN card, modem etc..Communications portion 709 via such as because
The network of spy's net executes communication process.Driver 710 is also connected to I/O interface 705 as needed.Detachable media 711, such as
Disk, CD, magneto-optic disk, semiconductor memory etc. are mounted on as needed on driver 710, in order to read from thereon
Computer program be mounted into storage section 708 as needed.
Particularly, disclosed embodiment, the process described above with reference to flow chart may be implemented as counting according to the present invention
Calculation machine software program.For example, embodiment disclosed by the invention includes a kind of computer program product comprising be carried on computer
Computer program on readable medium, the computer program include the program code for method shown in execution flow chart.?
In such embodiment, which can be downloaded and installed from network by communications portion 709, and/or from can
Medium 711 is dismantled to be mounted.When the computer program is executed by central processing unit (CPU) 701, system of the invention is executed
The above-mentioned function of middle restriction.
It should be noted that computer-readable medium shown in the present invention can be computer-readable signal media or meter
Calculation machine readable storage medium storing program for executing either the two any combination.Computer readable storage medium for example can be --- but not
Be limited to --- electricity, magnetic, optical, electromagnetic, infrared ray or semiconductor system, device or device, or any above combination.Meter
The more specific example of calculation machine readable storage medium storing program for executing can include but is not limited to: have the electrical connection, just of one or more conducting wires
Taking formula computer disk, hard disk, random access storage device (RAM), read-only memory (ROM), erasable type may be programmed read-only storage
Device (EPROM or flash memory), optical fiber, portable compact disc read-only memory (CD-ROM), light storage device, magnetic memory device,
Or above-mentioned any appropriate combination.In the present invention, computer readable storage medium can be it is any include or storage journey
The tangible medium of sequence, the program can be commanded execution system, device or device use or in connection.And at this
In invention, computer-readable signal media may include in a base band or as carrier wave a part propagate data-signal,
Wherein carry computer-readable program code.The data-signal of this propagation can take various forms, including but unlimited
In electromagnetic signal, optical signal or above-mentioned any appropriate combination.Computer-readable signal media can also be that computer can
Any computer-readable medium other than storage medium is read, which can send, propagates or transmit and be used for
By the use of instruction execution system, device or device or program in connection.Include on computer-readable medium
Program code can transmit with any suitable medium, including but not limited to: wireless, electric wire, optical cable, RF etc. are above-mentioned
Any appropriate combination.
Flow chart and block diagram in attached drawing are illustrated according to the system of various embodiments of the invention, method and computer journey
The architecture, function and operation in the cards of sequence product.In this regard, each box in flowchart or block diagram can generation
A part of one module, program segment or code of table, a part of above-mentioned module, program segment or code include one or more
Executable instruction for implementing the specified logical function.It should also be noted that in some implementations as replacements, institute in box
The function of mark can also occur in a different order than that indicated in the drawings.For example, two boxes succeedingly indicated are practical
On can be basically executed in parallel, they can also be executed in the opposite order sometimes, and this depends on the function involved.Also it wants
It is noted that the combination of each box in block diagram or flow chart and the box in block diagram or flow chart, can use and execute rule
The dedicated hardware based systems of fixed functions or operations is realized, or can use the group of specialized hardware and computer instruction
It closes to realize.
Being described in module involved in the embodiment of the present invention can be realized by way of software, can also be by hard
The mode of part is realized.Described module also can be set in the processor, for example, can be described as: a kind of processor packet
Include receiving module, generation module, sending module.Wherein, the title of these modules is not constituted under certain conditions to the module
The restriction of itself, for example, receiving module is also described as " receiving the module of identifying code acquisition request ".
As on the other hand, the present invention also provides a kind of computer-readable medium, which be can be
Included in equipment described in above-described embodiment;It is also possible to individualism, and without in the supplying equipment.Above-mentioned calculating
Machine readable medium carries one or more program, when said one or multiple programs are executed by the equipment, makes
Obtain the equipment and execute following below scheme: application service end will be verified after receiving the identifying code demand information of applications client
Code acquisition request is sent to identifying code generating means;Identifying code generating means after receiving the identifying code acquisition request,
Identifying code is generated, and the identifying code is sent to the application service end.
Above-mentioned specific embodiment, does not constitute a limitation on the scope of protection of the present invention.Those skilled in the art should be bright
It is white, design requirement and other factors are depended on, various modifications, combination, sub-portfolio and substitution can occur.It is any
Made modifications, equivalent substitutions and improvements etc. within the spirit and principles in the present invention, should be included in the scope of the present invention
Within.
Claims (18)
1. a kind of verification code generation method, which is characterized in that the described method includes:
Identifying code acquisition request is sent to and tests after receiving the identifying code demand information of applications client by application service end
Demonstrate,prove code generating means;
Identifying code generating means generate identifying code after receiving the identifying code acquisition request, and the identifying code is sent out
It send to the application service end.
2. the method according to claim 1, wherein the method also includes:
After receiving the identifying code acquisition request, also generation current operation identifies identifying code generating means, and will be described
Current operation mark is sent to application service end.
3. according to the method described in claim 2, it is characterized in that, the identifying code acquisition request includes: cell-phone number or mailbox
Address and applications client address;The method also includes: it is identified in the generation identifying code and the generation current operation
The step of after, the identifying code is sent to user according to the cell-phone number or the email address by identifying code generating means,
Current operation mark is sent to the applications client according to the applications client address by identifying code generating means.
4. the method according to claim 1, wherein the method also includes:
Before the generation identifying code the step of, identifying code generating means verify the identifying code acquisition request, and
Confirmation verification passes through.
5. according to the method described in claim 2, it is characterized in that, current operation mark includes token;And identifying code
Generating means are according to the token as described in generating under type: generating timestamp and random number;To what is be made of timestamp and random number
Entirety is encrypted, and using encrypted result as the token.
6. a kind of identifying code generating means, which is characterized in that described device includes:
Receiving module, for receiving the identifying code acquisition request at application service end;
Generation module, for generating identifying code;
Sending module, for the identifying code to be sent to the application service end;
Wherein, the identifying code acquisition request is the application service end in the identifying code demand information for receiving applications client
It is rear to identifying code generating means send.
7. device according to claim 6, which is characterized in that the generation module is also used to generate current operation mark;
The sending module, which is also used to identify the current operation, is sent to the application service end.
8. device according to claim 7, which is characterized in that the identifying code acquisition request includes: cell-phone number or mailbox
Address and applications client address;The sending module is also used to will be described according to the cell-phone number or the email address
Identifying code is sent to user, and current operation mark is sent to the application visitor according to the applications client address
Family end.
9. device according to claim 6, which is characterized in that described device further include:
Correction verification module, for being verified to the identifying code acquisition request before the generation module generates identifying code, and
Confirmation verification passes through.
10. device according to claim 7, which is characterized in that the current operation mark includes token;The generation mould
Block is also used to according to the token as described in generating under type: the generation module generates timestamp and random number;The generation module
The entirety being made of timestamp and random number is encrypted, and using encrypted result as the token.
11. a kind of application service end characterized by comprising
Sending module, for after receiving the identifying code demand information of applications client, identifying code acquisition request to be sent
To identifying code generating means;
Receiving module, for receiving the identifying code of identifying code generating means return;
Wherein, the identifying code is that identifying code generating means generate after to identifying code acquisition request verification.
12. application service end according to claim 11, which is characterized in that the receiving module is also used to receive identifying code
The current operation mark that generating means return.
13. application service end according to claim 12, which is characterized in that the receiving module is also used to receive using visitor
Identifying code and the current operation mark that family end is sent;
The application service end further include:
Correction verification module, after being requested in the verifying code check for receiving the applications client transmission, according to the verifying
The identifying code and current operation mark that code generating means return verify it.
14. a kind of verifying system, which is characterized in that the system comprises:
Application service end, for after receiving the identifying code demand information of applications client, identifying code acquisition request to be sent out
It send to identifying code generating means;
Identifying code generating means generate identifying code for after receiving the identifying code acquisition request, and by the verifying
Code is sent to the application service end.
15. system according to claim 14, which is characterized in that the identifying code generating means are also used to receiving
After stating identifying code acquisition request, current operation mark is generated, and current operation mark is sent to the application service
End.
16. system according to claim 15, which is characterized in that the identifying code acquisition request includes: cell-phone number or postal
Case address and applications client address;
The identifying code generating means are also used to that identifying code is sent to user according to the cell-phone number or the email address, with
And current operation mark is sent to by applications client according to the applications client address;
The application service end is also used to after receiving the verifying code check request that the applications client is sent, according to
Identifying code and the current operation mark that the identifying code generating means are sent verify it.
17. a kind of electronic equipment characterized by comprising
One or more processors;
Storage device, for storing one or more programs,
When one or more of programs are executed by one or more of processors, so that one or more of processors are real
The now method as described in any in claim 1 to 5.
18. a kind of computer-readable medium, is stored thereon with computer program, which is characterized in that described program is held by processor
The method as described in any in claim 1 to 5 is realized when row.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810088412.3A CN110098921A (en) | 2018-01-30 | 2018-01-30 | Verification code generation method, device, application service end and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810088412.3A CN110098921A (en) | 2018-01-30 | 2018-01-30 | Verification code generation method, device, application service end and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110098921A true CN110098921A (en) | 2019-08-06 |
Family
ID=67442562
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810088412.3A Pending CN110098921A (en) | 2018-01-30 | 2018-01-30 | Verification code generation method, device, application service end and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110098921A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110704855A (en) * | 2019-10-08 | 2020-01-17 | 深圳市云桥科技服务有限公司 | Request identifier generation method, request identifier verification method and computer equipment |
| CN113742611A (en) * | 2021-01-06 | 2021-12-03 | 北京沃东天骏信息技术有限公司 | Data request processing method and device |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101350720A (en) * | 2007-07-18 | 2009-01-21 | 中国移动通信集团公司 | Dynamic cipher authentication system and method |
| CN101977194A (en) * | 2010-10-29 | 2011-02-16 | 赵俊平 | Third-party verification code system and third-party verification code provision method |
| US20150312236A1 (en) * | 2014-04-29 | 2015-10-29 | Twitter, Inc. | Authentication mechanism |
| CN105450641A (en) * | 2015-11-13 | 2016-03-30 | 中国建设银行股份有限公司 | Verification method, verification device and verification system |
| CN105635043A (en) * | 2014-10-29 | 2016-06-01 | 绍兴水滴网络科技有限公司 | System and method of validate code safety on the basis of cloud calculation |
-
2018
- 2018-01-30 CN CN201810088412.3A patent/CN110098921A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101350720A (en) * | 2007-07-18 | 2009-01-21 | 中国移动通信集团公司 | Dynamic cipher authentication system and method |
| CN101977194A (en) * | 2010-10-29 | 2011-02-16 | 赵俊平 | Third-party verification code system and third-party verification code provision method |
| US20150312236A1 (en) * | 2014-04-29 | 2015-10-29 | Twitter, Inc. | Authentication mechanism |
| CN105635043A (en) * | 2014-10-29 | 2016-06-01 | 绍兴水滴网络科技有限公司 | System and method of validate code safety on the basis of cloud calculation |
| CN105450641A (en) * | 2015-11-13 | 2016-03-30 | 中国建设银行股份有限公司 | Verification method, verification device and verification system |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110704855A (en) * | 2019-10-08 | 2020-01-17 | 深圳市云桥科技服务有限公司 | Request identifier generation method, request identifier verification method and computer equipment |
| CN110704855B (en) * | 2019-10-08 | 2021-07-23 | 深圳市云桥科技服务有限公司 | Request identifier generation method, request identifier verification method and computer equipment |
| CN113742611A (en) * | 2021-01-06 | 2021-12-03 | 北京沃东天骏信息技术有限公司 | Data request processing method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107249004B (en) | Identity authentication method, device and client | |
| CN108881108A (en) | The method and apparatus of rights management | |
| CN109756337A (en) | A kind of safety access method and device of service interface | |
| CN109769240A (en) | Bluetooth connecting method, device and system | |
| CN112883435B (en) | Method and equipment for realizing safe communication with intelligent contract | |
| CN113271311B (en) | Digital identity management method and system in cross-link network | |
| CN109726545B (en) | Information display method, equipment, computer readable storage medium and device | |
| CN111163052B (en) | Method, device, medium and electronic equipment for connecting Internet of things platform | |
| CN111784887A (en) | Authorization releasing method, device and system for user access | |
| US20240259203A1 (en) | Information Verification Method and Apparatus | |
| CN110263581A (en) | Contract signs method, system, terminal device and storage medium | |
| CN108805476A (en) | Electronics signs for method and apparatus | |
| CN110493239A (en) | The method and apparatus of authentication | |
| CN109767208A (en) | A kind of method of payment and payment mechanism | |
| CN110134427A (en) | A kind of method and apparatus generating code file | |
| CN110247758A (en) | The method, apparatus and code management device of Password Management | |
| CN109005208A (en) | Method and apparatus for pushed information | |
| CN110247917A (en) | Method and apparatus for authenticating identity | |
| CN112202744A (en) | Multi-system data communication method and device | |
| CN104281272A (en) | Password input processing method and device | |
| CN108880923A (en) | The method and apparatus that policer operation applied to application server is requested | |
| CN108305071A (en) | A kind of method and apparatus of enquiring digital currency managing detailed catalogue | |
| CN110098921A (en) | Verification code generation method, device, application service end and system | |
| CN108881122A (en) | The method and apparatus of APP Information Authentication | |
| CN108875355A (en) | A kind of control method and device of access authority |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190806 |
|
| RJ01 | Rejection of invention patent application after publication |