CN117454338A - Self-service identity registration and identity authentication method - Google Patents
Self-service identity registration and identity authentication method Download PDFInfo
- Publication number
- CN117454338A CN117454338A CN202311413624.1A CN202311413624A CN117454338A CN 117454338 A CN117454338 A CN 117454338A CN 202311413624 A CN202311413624 A CN 202311413624A CN 117454338 A CN117454338 A CN 117454338A
- Authority
- CN
- China
- Prior art keywords
- identity
- user
- registration
- authentication
- identity authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 45
- 230000001360 synchronised effect Effects 0.000 claims abstract description 9
- 238000012795 verification Methods 0.000 claims description 13
- 238000004590 computer program Methods 0.000 claims description 11
- 238000004458 analytical method Methods 0.000 claims description 10
- 238000012545 processing Methods 0.000 claims description 9
- 238000005422 blasting Methods 0.000 claims description 5
- 235000014510 cooky Nutrition 0.000 claims description 4
- 238000000586 desensitisation Methods 0.000 claims description 3
- 239000000284 extract Substances 0.000 abstract description 7
- 230000007246 mechanism Effects 0.000 abstract description 7
- 238000004891 communication Methods 0.000 description 8
- 230000008569 process Effects 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 3
- 238000013461 design Methods 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 239000011800 void material Substances 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 239000000470 constituent Substances 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000000802 evaporation-induced self-assembly Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003252 repetitive effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
The invention relates to the technical field of identity recognition, in particular to a self-service identity registration and identity authentication method, a self-service identity registration and identity authentication system, computer equipment and a storage medium. The method receives request data, intercepts and identifies the request data, extracts Token in the request data, and analyzes the Token in validity to confirm whether the user has completed identity authentication; if the user does not complete identity authentication, guiding the user to complete identity authentication, if the identity authentication system judges that the current user identity does not exist, and judges that the user logs in for the first time, guiding the user to go to an identity registration page for identity registration so as to complete identity creation; when the user logs in again after completing the identity creation, returning to the step S10 to perform secondary synchronous check; the invention expands the software identity authentication mode, increases the autonomous registration mechanism, reduces manual operation and improves the usability of software.
Description
Technical Field
The present invention relates to the field of identity recognition technologies, and in particular, to a self-service identity registration and identity authentication method, system, computer device, and storage medium.
Background
Identity verification, also referred to as "identity authentication" or "identity authentication", refers to the process of verifying the identity of an operator in a computer and a computer network system, so as to determine whether the user has access and use rights to a certain resource, thereby enabling the access policies of the computer and the network system to be reliably and effectively executed, preventing an attacker from impersonating a legitimate user to obtain the access rights of the resource, ensuring the security of the system and data, and authorizing the legitimate interests of the visitor.
Traditional identity authentication technology has been gradually overridden and replaced from the aspects of standard type, security and usability, and the traditional identity authentication method comprises the following steps: passwords, tokens, and certificate keys, etc. In the conventional password identification method, a user does not pay attention to enough potential safety hazards when setting the password, so that an identity card number, a birthday or a telephone number and the like are simply used, the password is confused or even lost, and the traditional identity authentication mode has larger potential hazards.
With the continuous development of society, more places need to use identity authentication, the traditional identity authentication method cannot meet the wide demands, more systems need to realize no artificial reform, and autonomous registration and identity authentication of users are very important.
In the traditional ERP identity authentication mode, when a user logs in an ERP system for the first time, if no account information matched with the user is available, the identity authentication cannot be completed, and therefore the ERP system cannot be used.
Disclosure of Invention
In order to solve the technical problems in the prior art, the invention provides a self-service identity registration and identity authentication method, a self-service identity registration and identity authentication system, computer equipment and a storage medium.
In order to achieve the above object, the embodiment of the present invention provides the following technical solutions:
in a first aspect, in one embodiment provided by the present invention, a self-service identity registration and identity authentication method is provided, the method comprising the steps of:
s10, receiving request data, intercepting and identifying the request data, extracting Token in the request data, and carrying out validity analysis on the Token to confirm whether the user has completed identity authentication;
s20, if the user does not complete identity authentication, guiding the user to complete identity authentication, if the identity authentication system judges that the current user identity does not exist, and judges that the user logs in for the first time, guiding the user to go to an identity registration page for identity registration so as to complete identity creation;
s30, when the user logs in again after the identity is established, returning to the step S10 to perform secondary synchronization check.
The invention accepts request data, intercepts and identifies the request data, extracts Token in the request data, and analyzes the Token in validity to confirm whether the user has completed identity authentication; if the user does not complete identity authentication, guiding the user to complete identity authentication, if the identity authentication system judges that the current user identity does not exist, and judges that the user logs in for the first time, guiding the user to go to an identity registration page for identity registration so as to complete identity creation; when the user logs in again after completing the identity creation, returning to the step S10 to perform secondary synchronous check; the invention expands the software identity authentication mode, increases the autonomous registration mechanism, reduces manual operation and improves the usability of software.
As a further aspect of the invention, token exists in browser cookies.
As a further aspect of the present invention, if the user does not complete the identity authentication, guiding the user to complete the identity authentication, further includes:
when the identity authentication system judges that the identity of the current user exists, access is refused if the identity authentication information is wrong;
if the authentication information is correct, access is allowed.
When the system guides the user to go to the identity registration page to carry out identity registration, the user is required to provide necessary information required by identity authentication and the system, the identity registration is carried out after the user information is perfected, the system creates a user account according to the identity information, and information binding is completed, so that the system can log in after the identity authentication.
As a further scheme of the invention, if the user is judged to be logged in for the first time, the user is guided to go to an identity registration page to carry out identity registration so as to complete identity creation, and the method further comprises the following steps:
when the identity registration is carried out, encryption processing or desensitization processing is carried out on the sensitive information.
As a further scheme of the invention, if the user is judged to be logged in for the first time, the user is guided to go to an identity registration page to carry out identity registration so as to complete identity creation, and the method further comprises the following steps:
when the identity registration is carried out, the identity registration is required to be subjected to side blasting treatment.
In a second aspect, in yet another embodiment provided by the present invention, there is provided a self-service identity registration and authentication system comprising: the system comprises a data receiving module, an identity verification registering module and a judging and transferring-out module;
the data receiving module is used for receiving the request data, intercepting and identifying the request data, extracting Token in the request data, and carrying out validity analysis on the Token to confirm whether the user has completed identity authentication;
the identity authentication registration module is used for guiding the user to complete identity authentication if the user does not complete identity authentication, and guiding the user to go to an identity registration page to perform identity registration if the identity authentication system judges that the current user identity does not exist and judges that the user logs in for the first time so as to complete identity creation;
and the judging and transferring module is used for returning to the data receiving module for secondary synchronous check when the user logs in again after completing the identity creation.
As a further scheme of the invention, the identity authentication registration module is further used for rejecting access if the identity authentication information is wrong when the identity authentication system determines that the current user identity exists; if the authentication information is correct, access is allowed.
As a further scheme of the invention, the identity authentication registration module is also used for encrypting or desensitizing the sensitive information when the identity is registered.
In a third aspect, in yet another embodiment provided by the present invention, a computer device is provided, including a memory and a processor, the memory storing a computer program, the processor implementing the steps of the self-service identity registration and authentication method when the computer program is loaded and executed.
In a fourth aspect, in a further embodiment the present invention provides a storage medium storing a computer program which when loaded and executed by a processor performs the steps of the self-service identity registration and authentication method.
The technical scheme provided by the invention has the following beneficial effects:
the self-service identity registration and identity authentication method, the self-service identity registration and identity authentication system, the computer equipment and the storage medium provided by the invention are characterized in that the method receives request data, intercepts and identifies the request data, extracts Token in the request data, and performs validity analysis on Token to confirm whether a user has completed identity authentication; if the user does not complete identity authentication, guiding the user to complete identity authentication, if the identity authentication system judges that the current user identity does not exist, and judges that the user logs in for the first time, guiding the user to go to an identity registration page for identity registration so as to complete identity creation; when the user logs in again after completing the identity creation, returning to the step S10 to perform secondary synchronous check; the invention expands the software identity authentication mode, increases the autonomous registration mechanism, reduces manual operation and improves the usability of software.
These and other aspects of the invention will be more readily apparent from the following description of the embodiments. It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the invention as claimed.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are necessary for the description of the embodiments or the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention and that other embodiments may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a self-service identity registration and authentication method according to one embodiment of the present invention.
FIG. 2 is a block diagram illustrating a self-service identity registration and authentication system according to one embodiment of the present invention.
In the figure: the system comprises a data receiving module-100, an identity verification registering module-200 and a judging and transferring-out module-300.
Detailed Description
Various embodiments and/or aspects are described below with reference to the accompanying drawings. In the following description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of one or more aspects. However, it will be understood by those skilled in the art that the aspects may be practiced without the specific details. Specific examples of one or more aspects will be described in detail below with reference to the accompanying drawings. However, these aspects are illustrative, and some of the various methods in which the principles of the various aspects may be utilized, and the description set forth is intended to include all aspects and their equivalents. In particular, the terms "embodiment," "example," "modality," "illustration," and the like as used in this specification may be construed as describing any modality or design that may be better or have advantages than other modalities or designs.
In addition, the various aspects and features may be embodied in systems that include more than one device, terminal, server, apparatus, component, and/or module, etc. It is to be understood and appreciated that the various systems may include additional pluralities of devices, terminals, servers, apparatus, components, and/or modules, and/or may not include all of the pluralities of devices, terminals, servers, apparatus, components, modules, etc. shown in the figures.
The terms "computer program," "component," "module," "system," and the like are used interchangeably herein and refer to a computer-related entity, hardware, firmware, software, a combination of software and hardware, or execution of software. For example, a component may be, but is not limited to being, a process executing on a processor, an object, a thread of execution, a program, and/or a computer. For example, it may be an application executing on a computer device and/or all components of a computing device. More than one component may be installed within a processor and/or thread of execution. A component may be localized in one computer. A component may also be distributed between more than two computers.
Also, these components can execute from various computer readable media having various data structures stored therein. These components may communicate by way of local and/or remote processes such as in accordance with a signal having one or more data packets (e.g., data transmitted by one component interacting with another component in a local system, distributed system, and across a network such as the internet with the other system by way of the signal).
Hereinafter, the same reference numerals are given to the same or similar components irrespective of the drawing symbols, and a repetitive description thereof will be omitted. In the description of the embodiments disclosed in the present specification, if it is determined that the detailed description of the known technology makes the gist of the present invention unclear, detailed description thereof will be omitted. The drawings are only for easier understanding of the embodiments disclosed in the present specification, and the technical ideas disclosed in the present specification are not limited to the drawings.
The terminology used in the description is for the purpose of describing the embodiments only and is not intended to be limiting of the invention. Where not specifically mentioned, singular references in this specification include plural references. The inclusion and/or inclusion of components in the specification do not preclude the presence or addition of one or more other components.
The terms first, second, etc. may be used to describe various elements or components, but the elements or components are not limited to the terms. The term is used to distinguish one element or component from another element or component. Therefore, the first element or component mentioned below may be the 2 nd element or component within the technical idea of the present invention.
Unless defined otherwise, all terms (including technical and scientific terms) used in this specification have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. In addition, terms defined in a dictionary generally used should not be interpreted in an idealized or overdecommenced manner unless specifically defined.
In addition, the term "or" is not intended to be exclusive "or" but rather is inclusive. That is, "X employs A or B" means one of the substitutions of natural connotation unless otherwise specifically or contextually ambiguous. That is, X utilizes A or; when X is B or X is A and B, the "X is A or B" may be any of the above. Also, it should be understood that the term "and/or" as used in this specification refers to all possible combinations of more than one of the items included in the list of related items.
In addition, the terms "information" and "data" are generally used interchangeably in this specification.
The suffixes "module" and "part" for the constituent elements used in the following description are given or used for convenience of writing the description, and do not have mutually distinguishing meanings or roles.
Identity verification, also referred to as "identity authentication" or "identity authentication", refers to the process of verifying the identity of an operator in a computer and a computer network system, so as to determine whether the user has access and use rights to a certain resource, thereby enabling the access policies of the computer and the network system to be reliably and effectively executed, preventing an attacker from impersonating a legitimate user to obtain the access rights of the resource, ensuring the security of the system and data, and authorizing the legitimate interests of the visitor.
In the traditional ERP identity authentication mode, when a user logs in an ERP system for the first time, if no account information matched with the user is available, the identity authentication cannot be completed, and therefore the ERP system cannot be used. The invention provides a self-service identity registration method, namely when a user logs in an ERP system for the first time, if no account information matched with the user exists, the self-service identity registration can be automatically completed, so that identity authentication is completed, the user logs in the system, and the self-service identity registration and identity authentication method, the self-service identity registration system, computer equipment and storage media are provided for solving the technical problem.
In particular, embodiments of the present invention are further described below with reference to the accompanying drawings.
Referring to fig. 1, fig. 1 is a flowchart of a self-service identity registration and identity authentication method according to an embodiment of the present invention, as shown in fig. 1, the self-service identity registration and identity authentication method includes steps S10 to S30.
S10, receiving request data, intercepting and identifying the request data, extracting Token in the request data, and carrying out validity analysis on the Token to confirm whether the user has completed identity authentication;
in an embodiment of the present invention, the Token exists in a browser Cookie.
S20, if the user does not complete identity authentication, guiding the user to complete identity authentication, if the identity authentication system judges that the current user identity does not exist, and judges that the user logs in for the first time, guiding the user to go to an identity registration page for identity registration so as to complete identity creation;
in an embodiment of the present invention, if the user does not complete the identity authentication, guiding the user to complete the identity authentication further includes:
when the identity authentication system judges that the identity of the current user exists, access is refused if the identity authentication information is wrong;
if the authentication information is correct, access is allowed.
When the system guides the user to go to the identity registration page to carry out identity registration, the user is required to provide necessary information required by identity authentication and the system, the identity registration is carried out after the user information is perfected, the system creates a user account according to the identity information, and information binding is completed, so that the system can log in after the identity authentication.
In the embodiment of the invention, if the user is judged to be logged in for the first time, the user is guided to go to the identity registration page to carry out identity registration so as to complete the identity creation, and the method further comprises the following steps:
when the identity registration is carried out, encryption processing or desensitization processing is carried out on the sensitive information.
In the embodiment of the invention, if the user is judged to be logged in for the first time, the user is guided to go to the identity registration page to carry out identity registration so as to complete the identity creation, and the method further comprises the following steps:
when the identity registration is carried out, the identity registration is required to be subjected to side blasting treatment, for example, a graphic verification code, a short message verification code and the like are relied on.
The identity registration checks whether pre-registration information exists, such as a graphic verification code, a short message verification code and the like:
boolean matchesPreBindingRequest(HttpServletRequest var1);
identity pre-registration:
void preBind(HttpServletRequest var1,HttpServletResponse var2);
checking if pre-registration is required:
boolean matchesBindingRequest(HttpServletRequest var1);
identity registration:
UserDetails bind(HttpServletRequest var1,UserDetails var2);
address after registration success:
String getRedirectUri();
register address:
String getBindingSuccessUri()。
s30, when the user logs in again after the identity is established, returning to the step S10 to perform secondary synchronization check.
The invention accepts request data, intercepts and identifies the request data, extracts Token in the request data, and analyzes the Token in validity to confirm whether the user has completed identity authentication; if the user does not complete identity authentication, guiding the user to complete identity authentication, if the identity authentication system judges that the current user identity does not exist, and judges that the user logs in for the first time, guiding the user to go to an identity registration page for identity registration so as to complete identity creation; when the user logs in again after completing the identity creation, returning to the step S10 to perform secondary synchronous check; the invention expands the software identity authentication mode, increases the autonomous registration mechanism, reduces manual operation and improves the usability of software.
It should be understood that although described in a certain order, the steps are not necessarily performed sequentially in the order described. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, some steps of the present embodiment may include a plurality of steps or stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily sequential, but may be performed alternately or alternately with at least a part of the steps or stages in other steps or other steps.
In one embodiment, referring to fig. 2, a self-service identity registration and authentication system is also provided in an embodiment of the present invention, which includes a data receiving module 100, an authentication registration module 200, and a judgment turning-out module 300.
The data receiving module 100 is configured to receive the request data, intercept and identify the request data, extract Token in the request data, and perform validity analysis on the Token to confirm whether the user has completed identity authentication.
In an embodiment of the present invention, the Token exists in a browser Cookie.
The identity authentication registration module 200 is configured to guide the user to complete identity authentication if the user does not complete identity authentication, and guide the user to go to the identity registration page to perform identity registration if the identity authentication system determines that the current user identity does not exist and determines that the user is logged in for the first time, so as to complete identity creation.
In the embodiment of the present invention, the authentication registration module 200 is further configured to, when the authentication system determines that the current user identity exists, deny access if the authentication information is wrong; if the authentication information is correct, access is allowed.
When the system guides the user to go to the identity registration page to carry out identity registration, the user is required to provide necessary information required by identity authentication and the system, the identity registration is carried out after the user information is perfected, the system creates a user account according to the identity information, and information binding is completed, so that the system can log in after the identity authentication.
In the embodiment of the present invention, the authentication registration module 200 is further configured to encrypt or desensitize sensitive information when performing identity registration.
In the embodiment of the present invention, the authentication registration module 200 is further configured to require a side blasting process to be performed on the identity registration, for example, relying on a graphic authentication code, a short message authentication code, and the like, when performing the identity registration.
When the identity registration is carried out, the identity registration is required to be subjected to side blasting treatment, for example, a graphic verification code, a short message verification code and the like are relied on.
The identity registration checks whether pre-registration information exists, such as a graphic verification code, a short message verification code and the like:
boolean matchesPreBindingRequest(HttpServletRequest var1);
identity pre-registration:
void preBind(HttpServletRequest var1,HttpServletResponse var2);
checking if pre-registration is required:
boolean matchesBindingRequest(HttpServletRequest var1);
identity registration:
UserDetails bind(HttpServletRequest var1,UserDetails var2);
address after registration success:
String getRedirectUri();
register address:
String getBindingSuccessUri()。
the judgment turning-out module 300 is configured to return to the data receiving module 100 for secondary synchronization check when the user logs in again after completing the identity creation.
The invention accepts request data, intercepts and identifies the request data, extracts Token in the request data, and analyzes the Token in validity to confirm whether the user has completed identity authentication; if the user does not complete identity authentication, guiding the user to complete identity authentication, if the identity authentication system judges that the current user identity does not exist, and judges that the user logs in for the first time, guiding the user to go to an identity registration page for identity registration so as to complete identity creation; when the user logs in again after completing the identity creation, returning to the step S10 to perform secondary synchronous check; the invention expands the software identity authentication mode, increases the autonomous registration mechanism, reduces manual operation and improves the usability of software.
In one embodiment, a computer device is also provided in an embodiment of the present invention, including a processor, a communication interface, a memory, and a communication bus, where the processor, the communication interface, and the memory communicate with each other via the communication bus.
A memory for storing a computer program;
the processor is used for executing the self-service identity registration and identity authentication method when executing the computer program stored in the memory, and the steps in the embodiment of the method are realized when the processor executes the instructions:
s10, receiving request data, intercepting and identifying the request data, extracting Token in the request data, and carrying out validity analysis on the Token to confirm whether the user has completed identity authentication;
s20, if the user does not complete identity authentication, guiding the user to complete identity authentication, if the identity authentication system judges that the current user identity does not exist, and judges that the user logs in for the first time, guiding the user to go to an identity registration page for identity registration so as to complete identity creation;
s30, when the user logs in again after the identity is established, returning to the step S10 to perform secondary synchronization check.
The invention accepts request data, intercepts and identifies the request data, extracts Token in the request data, and analyzes the Token in validity to confirm whether the user has completed identity authentication; if the user does not complete identity authentication, guiding the user to complete identity authentication, if the identity authentication system judges that the current user identity does not exist, and judges that the user logs in for the first time, guiding the user to go to an identity registration page for identity registration so as to complete identity creation; when the user logs in again after completing the identity creation, returning to the step S10 to perform secondary synchronous check; the invention expands the software identity authentication mode, increases the autonomous registration mechanism, reduces manual operation and improves the usability of software.
The communication bus mentioned by the above terminal may be a peripheral component interconnect standard (Peripheral ComponentInterconnect, abbreviated as PCI) bus or an extended industry standard architecture (Extended Industry StandardArchitecture, abbreviated as EISA) bus, etc. The communication bus may be classified as an address bus, a data bus, a control bus, or the like. For ease of illustration, the figures are shown with only one bold line, but not with only one bus or one type of bus.
The communication interface is used for communication between the terminal and other devices.
The memory may include random access memory (Random Access Memory, RAM) or non-volatile memory (non-volatile memory), such as at least one disk memory. Optionally, the memory may also be at least one memory device located remotely from the aforementioned processor.
The processor may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU for short), a network processor (Network Processor, NP for short), etc.; but also digital signal processors (Digital Signal Processing, DSP for short), application specific integrated circuits (Application SpecificIntegrated Circuit, ASIC for short), field-programmable gate arrays (Field-Programmable Gate Array, FPGA for short) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components.
The computer device includes a user device and a network device. Wherein the user equipment includes, but is not limited to, a computer, a smart phone, a PDA, etc.; the network device includes, but is not limited to, a single network server, a server group of multiple network servers, or a Cloud based Cloud Computing (Cloud Computing) consisting of a large number of computers or network servers, where Cloud Computing is one of distributed Computing, and is a super virtual computer consisting of a group of loosely coupled computer sets. The computer device can be used for realizing the invention by running alone, and can also be accessed into a network and realized by interaction with other computer devices in the network. Wherein the network where the computer device is located includes, but is not limited to, the internet, a wide area network, a metropolitan area network, a local area network, a VPN network, and the like.
It should also be understood that the term "and/or" as used in the present specification and the appended claims refers to any and all possible combinations of one or more of the associated listed items, and includes such combinations.
In one embodiment of the present invention there is also provided a storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the method embodiments described above:
s10, receiving request data, intercepting and identifying the request data, extracting Token in the request data, and carrying out validity analysis on the Token to confirm whether the user has completed identity authentication;
s20, if the user does not complete identity authentication, guiding the user to complete identity authentication, if the identity authentication system judges that the current user identity does not exist, and judges that the user logs in for the first time, guiding the user to go to an identity registration page for identity registration so as to complete identity creation;
s30, when the user logs in again after the identity is established, returning to the step S10 to perform secondary synchronization check.
The invention provides a self-service identity registration and identity authentication method, a self-service identity registration and identity authentication system, computer equipment and a storage medium, wherein the self-service identity registration and identity authentication method comprises the steps of receiving request data, intercepting and identifying the request data, extracting Token in the request data, and carrying out validity analysis on Token to confirm whether a user has completed identity authentication; if the user does not complete identity authentication, guiding the user to complete identity authentication, if the identity authentication system judges that the current user identity does not exist, and judges that the user logs in for the first time, guiding the user to go to an identity registration page for identity registration so as to complete identity creation; when the user logs in again after completing the identity creation, returning to the step S10 to perform secondary synchronous check; the invention expands the software identity authentication mode, increases the autonomous registration mechanism, reduces manual operation and improves the usability of software.
Those skilled in the art will appreciate that implementing all or part of the above described embodiment methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the above described embodiment methods. Any reference to memory, storage, database, or other medium used in embodiments provided herein may include at least one of non-volatile and volatile memory.
It should be understood that as used herein, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly supports the exception. It should also be understood that "and/or" as used herein is meant to include any and all possible combinations of one or more of the associated listed items. The foregoing embodiment of the present invention has been disclosed with reference to the number of embodiments for the purpose of description only, and does not represent the advantages or disadvantages of the embodiments.
Those of ordinary skill in the art will appreciate that: the above discussion of any embodiment is merely exemplary and is not intended to imply that the scope of the disclosure of embodiments of the invention, including the claims, is limited to such examples; combinations of features of the above embodiments or in different embodiments are also possible within the idea of an embodiment of the invention, and many other variations of the different aspects of the embodiments of the invention as described above exist, which are not provided in detail for the sake of brevity. Therefore, any omission, modification, equivalent replacement, improvement, etc. of the embodiments should be included in the protection scope of the embodiments of the present invention.
Claims (10)
1. A self-service identity registration and identity authentication method, the method comprising:
s10, receiving request data, intercepting and identifying the request data, extracting Token in the request data, and carrying out validity analysis on the Token to confirm whether the user has completed identity authentication;
s20, if the user does not complete identity authentication, guiding the user to complete identity authentication, if the identity authentication system judges that the current user identity does not exist, and judges that the user logs in for the first time, guiding the user to go to an identity registration page for identity registration so as to complete identity creation;
s30, when the user logs in again after the identity is established, returning to the step S10 to perform secondary synchronization check.
2. The self-service identity registration and authentication method of claim 1, wherein Token exists in a browser Cookie.
3. The self-service identity registration and authentication method as claimed in claim 1, wherein if the user does not complete the identity authentication, guiding the user to complete the identity authentication, further comprising:
when the identity authentication system judges that the identity of the current user exists, access is refused if the identity authentication information is wrong;
if the authentication information is correct, access is allowed.
4. The self-service identity registration and identity authentication method as claimed in claim 3, wherein if it is determined that the user is logged in for the first time, the user is guided to go to the identity registration page to perform identity registration to complete identity creation, further comprising:
when the identity registration is carried out, encryption processing or desensitization processing is carried out on the sensitive information.
5. The self-service identity registration and identity authentication method as claimed in claim 4, wherein if it is determined that the user is logged in for the first time, the user is guided to go to the identity registration page to perform identity registration to complete identity creation, further comprising:
when the identity registration is carried out, the identity registration is required to be subjected to side blasting treatment.
6. A self-service identity registration and authentication system, the system comprising: the system comprises a data receiving module, an identity verification registering module and a judging and transferring-out module;
the data receiving module is used for receiving the request data, intercepting and identifying the request data, extracting Token in the request data, and carrying out validity analysis on the Token to confirm whether the user has completed identity authentication;
the identity authentication registration module is used for guiding the user to complete identity authentication if the user does not complete identity authentication, and guiding the user to go to an identity registration page to perform identity registration if the identity authentication system judges that the current user identity does not exist and judges that the user logs in for the first time so as to complete identity creation;
and the judging and transferring module is used for returning to the data receiving module for secondary synchronous check when the user logs in again after completing the identity creation.
7. The self-service identity registration and authentication system of claim 6 wherein the authentication registration module is further configured to deny access if the authentication information is incorrect when the authentication system determines that the current user identity is present; if the authentication information is correct, access is allowed.
8. The self-service identity registration and authentication system of claim 6 wherein the authentication registration module is further configured to encrypt or desensitize sensitive information during identity registration.
9. A computer device comprising a memory and a processor, the memory storing a computer program, the processor implementing the steps of the self-service identity registration and authentication method of any one of claims 1-5 when the computer program is loaded and executed.
10. A storage medium storing a computer program which, when loaded and executed by a processor, carries out the steps of a self-service identity registration and authentication method according to any one of claims 1 to 5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311413624.1A CN117454338A (en) | 2023-10-27 | 2023-10-27 | Self-service identity registration and identity authentication method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202311413624.1A CN117454338A (en) | 2023-10-27 | 2023-10-27 | Self-service identity registration and identity authentication method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117454338A true CN117454338A (en) | 2024-01-26 |
Family
ID=89581213
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202311413624.1A Pending CN117454338A (en) | 2023-10-27 | 2023-10-27 | Self-service identity registration and identity authentication method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117454338A (en) |
-
2023
- 2023-10-27 CN CN202311413624.1A patent/CN117454338A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20200304491A1 (en) | Systems and methods for using imaging to authenticate online users | |
| US9560033B2 (en) | Method and system for authenticating user identity | |
| US7162456B2 (en) | Method for private personal identification number management | |
| US20080066165A1 (en) | Method, system and program product for authenticating a user seeking to perform an electronic service request | |
| CN106575281B (en) | System and method for implementing hosted authentication services | |
| EP2199940A2 (en) | Methods and systems for detecting man-in-the-browser attacks | |
| WO2020181809A1 (en) | Data processing method and system based on interface checking, and computer device | |
| CN101221641B (en) | On-line trading method and its safety affirmation equipment | |
| US8577811B2 (en) | In-band transaction verification | |
| CN107682336B (en) | Geographic position-based identity authentication method and device | |
| CN111581616B (en) | Multi-terminal login control method and device | |
| CN111191212B (en) | Block chain-based digital certificate processing method, device, equipment and storage medium | |
| US7596531B2 (en) | Method and apparatus for protecting against side channel attacks against personal identification numbers | |
| KR20240024112A (en) | System and method for contactless card communication and multi-device key pair cryptographic authentication | |
| CN113014576B (en) | Service authority control method, device, server and storage medium | |
| CN111832005A (en) | Application authorization method, application authorization device and electronic equipment | |
| JP2023507568A (en) | System and method for protection against malicious program code injection | |
| KR20170059359A (en) | Verification mehod and appratus based on security tunnel | |
| WO2018098699A1 (en) | Transaction processing method and device | |
| US7167843B2 (en) | Apparatus for private personal identification number management | |
| CN106533685B (en) | Identity authentication method, device and system | |
| US10616262B2 (en) | Automated and personalized protection system for mobile applications | |
| CN110546668B (en) | Dynamic authentication method and system for card transaction | |
| CN111935716B (en) | Authentication method, authentication system and computing device | |
| Mandalapu et al. | An NFC featured three level authentication system for tenable transaction and abridgment of ATM card blocking intricacies |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |