(19)
(11)EP 3 525 410 A1

(12)EUROPEAN PATENT APPLICATION
published in accordance with Art. 153(4) EPC

(43)Date of publication:
14.08.2019 Bulletin 2019/33

(21)Application number: 17860687.7

(22)Date of filing:  26.09.2017
(51)Int. Cl.: 
H04L 29/06  (2006.01)
(86)International application number:
PCT/CN2017/103390
(87)International publication number:
WO 2018/068631 (19.04.2018 Gazette  2018/16)
(84)Designated Contracting States:
AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR
Designated Extension States:
BA ME
Designated Validation States:
MA MD

(30)Priority: 10.10.2016 CN 201610884223

(71)Applicant: Alibaba Group Holding Limited
Grand Cayman (KY)

(72)Inventor:
  • SUN, Chao
    Hangzhou Zhejiang 311121 (CN)

(74)Representative: Conroy, John 
Fish & Richardson P.C. Highlight Business Towers Mies-van-der-Rohe-Straße 8
80807 München
80807 München (DE)

  


(54)ACCOUNT LOGIN METHOD, APPARATUS, AND SERVER


(57) The present application provides a method, apparatus and server for account login. The method for account login is applied to a server and includes: receiving a login request from a mobile apparatus, where the login request includes a variable apparatus ID; searching a user account database for user account information corresponding to the variable apparatus ID; if identifying the user account information corresponding to the variable apparatus ID, determining, based on a timestamp in the variable apparatus ID and a current time of the server, whether the variable apparatus ID needs to be updated; and if the variable apparatus ID needs to be updated, sending an account login permission instruction and an updated variable apparatus ID to the mobile apparatus. In the method for account login, security of automatic login can be improved.




Description

TECHNICAL FIELD



[0001] The present application relates to the field of network communications technologies, and in particular, to a method, apparatus and server for account login.

BACKGROUND



[0002] With development of Internet technologies, applications (app) based on mobile apparatuses are continuously developed and widely used. Login of a personal account is involved in many scenarios when using various apps. What's more, after login for the first time, a user can automatically log in to the user's account in subsequent operations.

[0003] There are mainly two existing methods for account login. In one method, the mobile apparatus sends, to a server, a user name and a password that are entered by the user, to store the user name and the password in the server. In addition, the mobile apparatus stores, in the mobile apparatus, the user name and an apparatus identifier (ID) corresponding to the mobile apparatus. In this case, when the user starts the app again, the mobile apparatus sends the apparatus ID and the user name to the server for verification, and automatically logs in to the account after the verification succeeds.

[0004] In the other method, after the user successfully performs login for the first time, a server sends, to the mobile apparatus, a token corresponding to the mobile apparatus, and the mobile apparatus receives and stores the apparatus token. When the user starts the app again, the mobile apparatus sends the apparatus token to the server, and the server verifies the apparatus token. If the verification succeeds, the mobile apparatus automatically logs in to the account.

[0005] It can be seen that, in both the two existing methods, the apparatus ID/token is permanently stored in the mobile apparatus, and is easy to be cracked, causing security risks.

SUMMARY



[0006] A main objective of the present application is to alleviate the previous problem.

[0007] According to an aspect of the present application, a method for account login is provided, where the method for account login is applied to a server and includes: receiving a login request from a mobile apparatus, where the login request includes a variable apparatus identifier (ID); searching a user account database for user account information corresponding to the variable apparatus ID; if identifying the user account information corresponding to the variable apparatus ID, determining, based on a timestamp in the variable apparatus ID and a current time of the server, whether the variable apparatus ID needs to be updated; if the variable apparatus ID needs to be updated, updating the variable apparatus ID; and sending an account login permission instruction and an updated variable apparatus ID to the mobile apparatus.

[0008] According to another aspect of the present application, a method for account login is provided, where the method for account login is applied to a server and includes: receiving a login request from a mobile apparatus, where the login request includes a variable apparatus ID; searching a user account database for user account information corresponding to the variable apparatus ID; if identifying the user account information corresponding to the variable apparatus ID, updating the variable apparatus ID; and sending an account login permission instruction and an updated variable apparatus ID to the mobile apparatus.

[0009] According to another aspect of the present application, a method for account login is provided, where the method for account login is applied to a mobile apparatus and includes: sending a login request to a server, where the login request includes a variable apparatus ID; and receiving, from the server, a variable apparatus ID processed by the server and an account login permission instruction.

[0010] According to another aspect of the present application, a server is provided, including: a receiving unit, configured to receive a login request from a mobile apparatus, where the login request includes a variable apparatus ID; a storage unit, configured to store a user account database; a searching unit, configured to search the user account database for user account information corresponding to the variable apparatus ID; a determining unit, configured to determine, based on a timestamp in the variable apparatus ID and a current time of the server, whether the variable apparatus ID needs to be updated; and an update unit, configured to update the variable apparatus ID.

[0011] According to another aspect of the present application, an apparatus for account login is provided, including: a sending unit, configured to send a login request to a server, where the login request includes a variable apparatus ID; and a receiving unit, configured to receive, from the server, a variable apparatus ID processed by the server and an account login permission instruction.

[0012] In at least one of the technical solutions used in the implementations of the present application, a variable apparatus ID is used to replace a unique and invariable apparatus ID for automatic login, so that security is improved.

BRIEF DESCRIPTION OF DRAWINGS



[0013] The accompanying drawings described here are intended to provide a further understanding of the present application, and constitute a part of the present application. The illustrative implementations of the present application and descriptions thereof are intended to describe the present application, and constitute no limitation on the present application. In the accompanying drawings:

FIG. 1 is a schematic diagram illustrating a system for account login, according to an example implementation of the present application;

FIG. 2 is a flowchart illustrating a method for account login executed by a server, according to an example implementation of the present application;

FIG. 3 is a flowchart illustrating a method for account login executed by a mobile apparatus, according to an example implementation of the present application;

FIG. 4 is a block diagram illustrating a server, according to an example implementation of the present application; and

FIG. 5 is a block diagram illustrating a mobile apparatus, according to an example implementation of the present application.


DESCRIPTION OF IMPLEMENTATIONS



[0014] To make the objectives, technical solutions, and advantages of the present application clearer, the following comprehensively describes the technical solutions of the present application with reference to specific implementations and accompanying drawings of the present application. Apparently, the described implementations are merely some rather than all of the implementations of the present application. All other implementations obtained by a person of ordinary skill in the art based on the implementations of the present application without creative efforts shall fall within the protection scope of the present application.

[0015] For ease of description below, terms used in various implementations of the present application are first described.

[0016] A mobile apparatus is usually an apparatus used by a user in a network system to communicate with a server. The mobile apparatus in the present application can include but is not limited to any of the following apparatuses: a personal computer (PC), a mobile device (such as a cellular phone, a personal digital assistant (PDA), a digital camera, a portable game console, an MP3 player, a portable/personal media player (PMP), an eReader, a tablet PC, a portable PC, or a Global Positioning System (GPS) navigator), a smart TV, etc.

[0017] An application (app) is an embedded app or a third-party app that is stored in a storage unit of a mobile apparatus. The embedded app is an app that is pre-installed on the mobile apparatus. For example, the embedded app can be a browser, an email, an instant messaging app, etc. There are a variety of third-party apps which are downloaded from the online stores and installed on the mobile apparatus, such as a payment app, a shopping app, and an entertainment app.

[0018] An apparatus identifier (ID) is a permanently-valid and invariable ID generated based on attribute information of a mobile apparatus and a specific algorithm model. Attribute information of a mobile apparatus based on an Android operating system can include information such as an international mobile equipment identity (IMEI), an Android ID, a MAC address, and a serial number (SN). Attribute information of a mobile apparatus based on an iOS operating system can include information such as an advertising identifier (IDFA) and a vendor identifier (vendor ID). Generally, the apparatus ID cannot be cracked reversely. A mobile apparatus usually has a unique apparatus ID. Therefore, different mobile apparatuses have different apparatus IDs.

[0019] A variable apparatus ID (such as an apparatus token) is an ID generated by a mobile apparatus based on information such as an apparatus ID, an app name, a random number, and a timestamp (used to uniquely identify a certain moment). It can be seen that one variable apparatus ID corresponds to one apparatus ID, and a plurality of variable apparatus IDs with different validity periods can be generated by using one apparatus ID. In actual applications, a timestamp can be parsed out from a variable apparatus ID by using a specific parsing method, to determine whether the variable apparatus ID is valid. Different validity periods can be set for different apps. Therefore, different apps in the same mobile apparatus can correspond to different variable apparatus IDs.

[0020] According to an implementation of the present application, a system for automatic login is provided.

[0021] FIG. 1 illustrates a system for automatic login, according to an example implementation of the present application. As shown in FIG. 1, the system includes a mobile apparatus 100 and a server 200. The system includes three phases: A first phase is an initialization phase which is also referred to as a registration phase; a second phase is an initial login phase; and a third phase is an automatic login phase. The three phases are described in detail below with reference to FIG. 1.

[0022] In the initialization phase, a user starts an app stored in the mobile apparatus 100 for the first time. For example, in response to the user's touch on an app icon (such as an ALIPAY app or a QQ app) displayed on a display unit, the mobile apparatus 100 sends terminal apparatus information to the server 200. The terminal apparatus information includes hardware information and software information. Subsequently, the server 200 generates a unique apparatus ID based on the terminal apparatus information. For example, the server 200 can generate the apparatus ID of the mobile apparatus 100 based on an IDFA or an SN of the mobile apparatus, and generate, based on the apparatus ID, a variable apparatus ID (such as an apparatus token) corresponding to the app. Specifically, the server 200 generates the variable apparatus ID based on information such as app information corresponding to the app, a predetermined validity period, and a timestamp. The server 200 stores a mapping relationship between the apparatus ID and the variable apparatus ID in a user account database of the server 200, and sends the variable apparatus ID to the mobile apparatus 100. The mobile apparatus 100 stores the variable apparatus ID in a memory of the mobile apparatus 100. Then, the system enters the initial login phase.

[0023] In an alternative implementation, variable apparatus IDs with different validity periods can be set for different apps based on types of the apps. For example, when the app is an app such as a payment or instant messaging app that requires higher security, the validity period of the variable apparatus ID can be set to be shorter. When the app is an app such as a news or video app, the validity period of the variable apparatus ID can be set to be longer.

[0024] The user enters a user name and a password on the mobile apparatus. The mobile apparatus generates a login request based on the stored variable apparatus ID and the user name and password that are entered by the user, and sends the login request to the server 200. The server verifies the user name and the password. If the verification fails, the server returns, to the mobile apparatus, information for entering account information again, until the verification succeeds. If the verification succeeds, the server 200 stores the mapping relationship between the apparatus ID and the variable apparatus ID, a mapping relationship between the variable apparatus ID and the user name, and a mapping relationship between the apparatus ID and the user name in the user account database of the server 200. Then, the system enters the automatic login phase in response to the user's re-login to the app.

[0025] When the user starts the app again, the mobile apparatus 100 generates a login request only based on a variable apparatus ID, and sends the login request to the server 200. The server 200 searches, based on the variable apparatus ID in the login request, for an apparatus ID corresponding to the variable apparatus ID. If identifying the apparatus ID corresponding to the variable apparatus ID, the server 200 sends, to the mobile apparatus 100, information that is successfully verified by the server 200. After receiving the information, the mobile apparatus 100 automatically logs in to a corresponding account. If not identifying the apparatus ID corresponding to the variable apparatus ID, the server 200 sends, to the mobile apparatus 100, information that fails to be verified by the server 200. After receiving the information, the mobile apparatus 100 returns to the second phase (namely, the initial login phase).

[0026] In an alternative implementation, when the user starts the app again, the mobile apparatus 100 generates a login request based on a variable apparatus ID and a user name, and sends the login request to the server 200. The server 200 determines, based on the variable apparatus ID in the login request, an apparatus ID corresponding to the variable apparatus ID, and determines whether the user name in the login request is a user name corresponding to the apparatus ID. If an apparatus ID corresponding to the variable apparatus ID in the login request does not exist in the user account database of the server 200, the system exits the automatic login phase and enters the initial login phase. If an apparatus ID corresponding to the variable apparatus ID in the login request exists in the user account database of the server 200, but a user name corresponding to the apparatus ID is inconsistent with the stored user name, it indicates that the user logs in to another account by using the mobile apparatus 100. In this case, the system enters the initial login phase. The user needs to enter a user name and a password. Subsequently, the mobile apparatus 100 generates an updated login request based on the user name, the password, and the variable apparatus ID, and sends the updated login request to the server 200. After successfully verifying the information, the server sets a mapping relationship between the user name and the apparatus ID. It can be seen that one apparatus ID can correspond to a plurality of user names. Therefore, to log in to an expected account, the mobile apparatus can generate a login request based on a user name and a variable apparatus ID.

[0027] If an apparatus ID corresponding to the variable apparatus ID in the login request exists in the user account database of the server 200, and a user name corresponding to the apparatus ID is consistent with the stored user name, the mobile apparatus logs in to the account.

[0028] Next, the server 200 can determine, based on a timestamp in the variable apparatus ID and a current time of the server, whether the variable apparatus ID needs to be updated. Specifically, the server 200 can parse out the timestamp from the variable apparatus ID, and determine, based on the timestamp, whether the variable apparatus ID is within the validity period. For example, the server 200 can perform calculation based on the timestamp and the current time of the server to determine how long the variable apparatus ID has been created, and then determine whether the variable apparatus ID is within the validity period. If the variable apparatus ID is not within the validity period, the server 200 generates an updated variable apparatus ID. The server 200 can generate the updated variable apparatus ID based on the current time of the server. Then, the server 200 sends the updated variable apparatus ID and an account login permission instruction to the mobile apparatus 100. The mobile apparatus 100 stores the updated variable apparatus ID in the memory of the mobile apparatus 100 for automatic login next time.

[0029] In an alternative implementation, the server 200 can generate an updated variable apparatus ID based on the received variable apparatus ID when identifying the user account information corresponding to the variable apparatus ID; the server 200 can further update, by using the updated variable apparatus ID, the variable apparatus ID stored in the server 200; and send the updated variable apparatus ID to the mobile apparatus 100.

[0030] In an alternative implementation, the mobile apparatus 100 can combine the initialization phase with the login phase. Specifically, in response to a user name and a password that are entered by the user on the mobile apparatus, the mobile apparatus 100 generates a login request based on the user name and the password that are entered by the user, and then the mobile apparatus 100 sends terminal apparatus information and the login request to the server 200 together. The terminal apparatus information includes hardware information and software information. The server verifies the user name and the password. If the verification fails, the server returns, to the mobile apparatus, information for entering account information again, until the verification succeeds. If the verification succeeds, the server generates an apparatus ID based on the terminal apparatus information, and generates a variable apparatus ID based on the generated apparatus ID. Then, the server 200 stores, in a memory, a mapping relationship between the apparatus ID and the variable apparatus ID, a mapping relationship between the variable apparatus ID and the user name, and a mapping relationship between the apparatus ID and the user name.

[0031] When the user starts the app again, the system enters the third phase (namely, the automatic login phase). Detailed are omitted here for simplicity.

[0032] With reference to FIG. 2 and FIG. 3, the following separately describes a method for account login executed by a server and a method for account login executed by a mobile apparatus. FIG. 2 is a flowchart illustrating a method for account login executed by a server, according to an example implementation of the present application. FIG. 3 is a flowchart illustrating a method for account login executed by a mobile apparatus, according to an example implementation of the present application.

[0033] Referring to FIG. 2, in S210, a server receives a login request from a mobile apparatus, where the login request includes a variable apparatus ID (such as an apparatus token). The variable apparatus ID is generated by the server based on an apparatus ID when a user logs in to an account for the first time. The apparatus ID is a unique ID generated by the server based on terminal apparatus information received from the mobile apparatus. Specifically, the variable apparatus ID is generated based on the generated apparatus ID and information such as a time of making the login request, an app that the user expects to log in to, and a predetermined timestamp. As such, the variable apparatus ID can include app information corresponding to the app that the user expects to log in to, a validity period, and a timestamp. In an optional implementation, the login request includes a variable apparatus ID and a user name.

[0034] Next, in S220, the server searches a user account database for user account information corresponding to the variable apparatus ID. The user account database stores a user ID corresponding to the variable apparatus ID. Specifically, when the user logs in to an account in an app for the first time, the mobile apparatus sends account information (namely, a user name and a password) and terminal apparatus information to the server. The server verifies the account information. After the verification succeeds, the server generates an apparatus ID based on the terminal apparatus information, and generates, based on the apparatus ID, a variable apparatus ID corresponding to the app. Then, the server stores a mapping relationship between the variable apparatus ID and the apparatus ID, a mapping relationship between the variable apparatus ID and the user name in the user account database, and a mapping relationship between the apparatus ID and the user name. In an optional implementation, the server can send terminal apparatus information to the server when the user starts the app for the first time. Then, the server generates an apparatus ID based on the terminal apparatus information, and generates a variable apparatus ID based on the apparatus ID. After the user logs in to the account for the first time and verification performed by the server succeeds, the server stores, in the user account database, a mapping relationship between the account information and the variable apparatus ID, a mapping relationship between the variable apparatus ID and the apparatus ID, and a mapping relationship between the account information and the apparatus ID.

[0035] When the login request includes only a variable apparatus ID, the server searches the user account database for an apparatus ID corresponding to the variable apparatus ID. When the login request includes a variable apparatus ID and a user name, the server can search the user account database for an apparatus ID corresponding to the variable apparatus ID, and determine whether the user name is a user name corresponding to the apparatus ID.

[0036] If identifying the user account information corresponding to the variable apparatus ID, the server performs S230, that is, the server determines, based on a timestamp in the variable apparatus ID and a current time of the server, whether the variable apparatus ID needs to be updated. The server determines whether the variable apparatus ID is within the validity period; if the variable apparatus ID is within the validity period, the server does not make any change; or if the variable apparatus ID is not within the validity period, the server generates an updated variable apparatus ID based on the variable apparatus ID. Specifically, the server can determine a survival period of the variable apparatus ID based on the timestamp in the variable apparatus ID and the current time of the server, and compare the survival period with the validity period. If the survival period is shorter than the validity period, the server does not make any change; or if the survival period is not shorter than the validity period, the server generates an updated variable apparatus ID.

[0037] In an alternative implementation, the server can generate an updated variable apparatus ID based on the received variable apparatus ID when identifying the user account information corresponding to the variable apparatus ID; update, by using the updated variable apparatus ID, the variable apparatus ID stored in the server; and send the updated variable apparatus ID to the mobile apparatus.

[0038] If the user account information corresponding to the variable apparatus ID is not identified, the verification fails. The server sends, to the mobile apparatus, an instruction indicating that the verification fails. After receiving the instruction, the mobile apparatus displays a login interface and prompts the user to enter account information again.

[0039] If the server determines, in S230, that the variable apparatus ID needs to be updated, the server updates the variable apparatus ID in S240. Finally, in S250, the server sends an account login permission instruction and the updated variable apparatus ID to the mobile apparatus. After receiving the updated variable apparatus ID, the mobile apparatus deletes a variable apparatus ID stored in a memory, and stores the updated variable apparatus ID in the memory. If determining that the variable apparatus ID does not need to be updated, the server sends an account login permission instruction and the variable apparatus ID to the mobile apparatus.

[0040] The method for account login executed by the server has been described above. Subsequently, a method for account login executed by a mobile apparatus is described with reference to FIG. 3.

[0041] Referring to FIG. 3, when an app installed on a mobile apparatus is started again, in S310, the mobile apparatus sends a login request to a server, where the login request includes a variable apparatus ID, and the variable apparatus ID has a predetermined validity period and can identify the mobile apparatus. The mobile apparatus sends terminal apparatus information of the mobile apparatus to the server in an initialization phase or an initial login phase. The terminal apparatus information includes hardware information and software information. Subsequently, the server generates, based on the terminal apparatus information, a unique apparatus ID and a variable apparatus ID (such as an apparatus token) corresponding to the apparatus ID. Specifically, the server can generate the variable apparatus ID with a validity period based on app information corresponding to the app, a predetermined validity period, and a timestamp. In an alternative implementation, the mobile apparatus sends a variable apparatus ID and a user name to the server.

[0042] When the server executes the method for account login shown in FIG. 2, the server can determine whether the variable apparatus ID needs to be updated; and if determining that the variable apparatus ID needs to be updated, the server sends an updated variable apparatus ID to the mobile apparatus; or if determining that the variable apparatus ID does not need to be updated, the server sends the original variable apparatus ID to the mobile apparatus. After determining that the variable apparatus ID is not within the validity period, the server updates the variable apparatus ID; or after or when identifying corresponding user account information from the user account database, the server updates the variable apparatus ID. Therefore, in S320, after the variable apparatus ID is successfully verified by the server, the mobile apparatus receives, from the server, a variable apparatus ID processed by the server and an account login permission instruction.

[0043] The method for account login executed by the server and the method for account login executed by the mobile apparatus are separately described above with reference to FIG. 2 and FIG. 3. A mobile apparatus and a server according to example implementations of the present application are described below with reference to FIG. 4 and FIG. 5.

[0044] FIG. 4 is a block diagram illustrating a server, according to an example implementation of the present application. The server according to this example implementation can include a receiving unit 410, a storage unit 420, a searching unit 430, a determining unit 440, an update unit 450, and a sending unit 460.

[0045] The receiving unit 410 receives a login request from a mobile apparatus, where the login request includes a variable apparatus ID. The variable apparatus ID has a validity period and can identify the mobile apparatus. The storage unit 420 stores a user account database, where a mapping relationship between an apparatus ID and a variable apparatus ID, a mapping relationship between the variable apparatus ID and a user name, and a mapping relationship between the apparatus ID and the user name are stored in the user account database.

[0046] The searching unit 430 searches the user account database for user account information corresponding to the variable apparatus ID. Specifically, the searching unit 410 searches the user account database for an apparatus ID corresponding to the variable apparatus ID. In an alternative implementation, when the login request includes a variable apparatus ID and a user name, the searching unit 410 searches the user account database for an apparatus ID corresponding to the variable apparatus ID, and determines whether the user name is a user name corresponding to the apparatus ID. The determining unit 440 determines, based on a timestamp in the variable apparatus ID and a current time of the server, whether the variable apparatus ID needs to be updated. When the determining unit 440 determines that the variable apparatus ID needs to be updated, the updating unit 450 updates the variable apparatus ID. Then, the sending unit 460 sends an account login permission instruction and an updated variable apparatus ID to the mobile apparatus. If the determining unit 440 determines that the variable apparatus ID does not need to be updated, the sending unit 460 sends an account login permission instruction and the variable apparatus ID to the mobile apparatus.

[0047] In an alternative implementation, after the update unit 450 updates the variable apparatus ID, the storage unit 420 can update the user account database by using the updated variable apparatus ID.

[0048] In an alternative implementation, the server can exclude a determining unit, that is, the server includes only a receiving unit, a storage unit, a searching unit, an update unit, and a sending unit. After the searching unit searches the user account database for user account information corresponding to the variable apparatus ID, the server does not need to determine whether the variable apparatus ID needs to be updated, but directly updates the variable apparatus ID by using the update unit.

[0049] FIG. 5 is a block diagram illustrating a mobile apparatus, according to an example implementation of the present application. The apparatus for account login (the previous "mobile apparatus") according to this example implementation includes a sending unit 510 and a receiving unit 520.

[0050] The sending unit 510 sends a login request to a server, where the login request includes a variable apparatus ID. The receiving unit 520 receives, from the server, a variable apparatus ID processed by the server and an account login permission instruction.

[0051] According to this example implementation, the variable apparatus ID processed by the server is an updated variable apparatus ID when the server determines that the variable apparatus ID needs to be updated or the existing variable apparatus ID when the server determines that the variable apparatus ID does not need to be updated.

[0052] According to the method, apparatus and server for account login in the present application, in the automatic login process, a variable apparatus ID is used to replace an apparatus ID and the variable apparatus ID is updated based on a condition, so that the apparatus ID is prevented from being exposed to the mobile apparatus for a long time period, and security is improved. Further, both a variable apparatus ID and a user name can be used in the automatic login process, so that the user can log in to an expected account by using the same mobile apparatus, and user experience is improved. Moreover, a validity period of the variable apparatus ID can be set based on a type of an app corresponding to a login account, so that different apps have different validity periods, and a personalized service is provided.

[0053] A person skilled in the art should understand that an implementation of the present application can be provided as a method, a system, or a computer program product. Therefore, the present application can use a form of hardware only implementations, software only implementations, or implementations with a combination of software and hardware. Moreover, the present application can use a form of a computer program product that is implemented on one or more computer-usable storage media (including but not limited to a disk memory, a CD-ROM, an optical memory, etc.) that include computer-usable program code.

[0054] The present application is described with reference to the flowcharts and/or block diagrams of the method, the device (system), and the computer program product based on the implementations of the present application. It is worthwhile to note that computer program instructions can be used to implement each process and/or each block in the flowcharts and/or the block diagrams and a combination of a process and/or a block in the flowcharts and/or the block diagrams. These computer program instructions can be provided for a general-purpose computer, a dedicated computer, an embedded processor, or a processor of another programmable data processing device to generate a machine, so that the instructions executed by the computer or the processor of the another programmable data processing device generate a device for implementing a specified function in one or more processes in the flowcharts and/or in one or more blocks in the block diagrams.

[0055] These computer program instructions can be stored in a computer readable memory that can instruct the computer or the another programmable data processing device to work in a specific way, so that the instructions stored in the computer readable memory generate an artifact that includes an instruction device. The instruction device implements a specific function in one or more processes in the flowcharts and/or in one or more blocks in the block diagrams.

[0056] These computer program instructions can be loaded onto the computer or another programmable data processing device, so that a series of operations and steps are performed on the computer or the another programmable device, thereby generating computer-implemented processing. Therefore, the instructions executed on the computer or the another programmable device provide steps for implementing a specific function in one or more processes in the flowcharts and/or in one or more blocks in the block diagrams.

[0057] In a typical configuration, a computing device includes one or more processors (CPU), one or more input/output interfaces, one or more network interfaces, and one or more memories.

[0058] The memory can include a non-persistent memory, a random access memory (RAM), a non-volatile memory, and/or another form in a computer readable medium, for example, a read-only memory (ROM) or a flash memory (flash RAM). The memory is an example of the computer readable medium.

[0059] The computer readable medium includes persistent, non-persistent, movable, and unmovable media that store information storage by using any method or technology. The information can be a computer readable instruction, a data structure, a program module, or other data. Examples of a computer storage medium include but are not limited to a phase-change random access memory (PRAM), a static random access memory (SRAM), a dynamic random access memory (DRAM), another type of random access memory (RAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a flash memory or another memory technology, a compact disc read-only memory (CD-ROM), a digital versatile disc (DVD) or another optical storage, a cassette magnetic tape, a magnetic tape/magnetic disk storage or another magnetic storage device, or any other non-transmission medium. The computer storage medium can be used to store information accessible by the computing device. Based on the definition in the present specification, the computer readable medium does not include transitory computer readable media (transitory media), for example, a modulated data signal and carrier.

[0060] It is worthwhile to further note that the term "include", "comprise", or their any other variant is intended to cover a non-exclusive inclusion, so that a process, a method, a product, or a device that includes a list of elements not only include those elements but also includes other elements which are not expressly listed, or further includes elements inherent to such a process, a method, a product, or a device. An element preceded by "includes a ..." does not, without more constraints, preclude the existence of additional identical elements in the process, method, product, or device that includes the element.

[0061] A person skilled in the art should understand that an implementation of the present application can be provided as a method, a system, or a computer program product. Therefore, the present application can use a form of hardware only implementations, software only implementations, or implementations with a combination of software and hardware. Moreover, the present application can use a form of a computer program product that is implemented on one or more computer-usable storage media (including but not limited to a disk memory, a CD-ROM, an optical memory, etc.) that include computer-usable program code.

[0062] The previous descriptions are only implementations of the present application, and are not intended to limit the present application. A person skilled in the art can make various modifications and changes to the present application. Any modification, equivalent replacement, or improvement made without departing from the spirit and principle of the present application shall fall within the scope of the claims in the present application.


Claims

1. A method for account login, wherein the method for account login is applied to a server and comprises:

receiving a login request from a mobile apparatus for an application (app), wherein the login request comprises a variable apparatus identifier (ID);

searching a user account database for user account information corresponding to the variable apparatus ID;

if identifying the user account information corresponding to the variable apparatus ID, determining, based on a timestamp in the variable apparatus ID and a current time of the server, whether the variable apparatus ID needs to be updated;

if the variable apparatus ID needs to be updated, updating the variable apparatus ID; and

sending an account login permission instruction and an updated variable apparatus ID to the mobile apparatus.


 
2. The method according to claim 1, wherein the variable apparatus ID has a validity period and can identify the mobile apparatus.
 
3. The method according to claim 2, wherein the validity period of the variable apparatus ID varies with an app type.
 
4. The method according to claim 1, wherein the step of determining whether the variable apparatus ID needs to be updated comprises: determining a survival period of the variable apparatus ID based on the timestamp in the variable apparatus ID and the current time of the server; determining whether the survival period is shorter than a validity period; and if the survival period is not shorter than the validity period, updating the variable apparatus ID.
 
5. The method according to claim 1, wherein after the determining whether the variable apparatus ID needs to be updated, the method comprises: if determining that the variable apparatus ID does not need to be updated, sending an account login permission instruction and the variable apparatus ID to the mobile apparatus.
 
6. The method according to claim 1, wherein the variable apparatus ID comprises an apparatus token that has a validity period.
 
7. The method according to claim 1, wherein the variable apparatus ID is generated by the server based on an app, an apparatus ID, a validity period, and a timestamp.
 
8. The method according to claim 7, wherein the apparatus ID is a unique ID generated by the server based on terminal apparatus information of the mobile apparatus.
 
9. The method according to claim 8, wherein a mapping relationship between an apparatus ID and a variable apparatus ID, a mapping relationship between the variable apparatus ID and a user name, and a mapping relationship between the apparatus ID and the user name is stored in the user account database.
 
10. The method according to claim 9, wherein the step of searching a user account database for user account information corresponding to the variable apparatus ID comprises: searching the user account database for an apparatus ID corresponding to the variable apparatus ID.
 
11. The method according to claim 9, wherein the login request comprises a variable apparatus ID and a user name.
 
12. The method according to claim 11, wherein the step of searching a user account database for user account information corresponding to the variable apparatus ID comprises: searching the user account database for an apparatus ID corresponding to the variable apparatus ID, and determining whether the user name is a user name corresponding to the apparatus ID.
 
13. The method according to any one of claims 1 to 12, wherein after the updating the variable apparatus ID, the method comprises: updating the user account database by using the updated variable apparatus ID.
 
14. A method for account login, wherein the method for account login is applied to a server and comprises:

receiving a login request from a mobile apparatus, wherein the login request comprises a variable apparatus ID;

searching a user account database for user account information corresponding to the variable apparatus ID;

if identifying the user account information corresponding to the variable apparatus ID, updating the variable apparatus ID; and

sending an account login permission instruction and an updated variable apparatus ID to the mobile apparatus.


 
15. A method for account login, wherein the method for account login is applied to a mobile apparatus and comprises:

sending a login request to a server, wherein the login request comprises a variable apparatus ID; and

receiving, from the server, a variable apparatus ID processed by the server and an account login permission instruction.


 
16. The method according to claim 15, wherein
the variable apparatus ID processed by the server is an updated variable apparatus ID when the server determines that the variable apparatus ID needs to be updated or the existing variable apparatus ID when the server determines that the variable apparatus ID does not need to be updated.
 
17. The method according to claim 15, wherein the login request comprises a variable apparatus ID and a user name.
 
18. A server, comprising:

a receiving unit, configured to receive a login request from a mobile apparatus, wherein the login request comprises a variable apparatus ID;

a storage unit, configured to store a user account database;

a searching unit, configured to search the user account database for user account information corresponding to the variable apparatus ID;

a determining unit, configured to determine whether the variable apparatus ID needs to be updated;

an update unit, configured to update the variable apparatus ID based on a timestamp in the variable apparatus ID and a current time of the server; and

a sending unit, configured to send an account login permission instruction and an updated variable apparatus ID to the mobile apparatus.


 
19. The server according to claim 18, wherein the variable apparatus ID has a validity period and can identify the mobile apparatus.
 
20. The server according to claim 18, wherein the login request comprises a variable apparatus ID and a user name.
 
21. A server, comprising:

a receiving unit, configured to receive a login request from a mobile apparatus, wherein the login request comprises a variable apparatus ID;

a storage unit, configured to store a user account database;

a searching unit, configured to search the user account database for user account information corresponding to the variable apparatus ID;

an update unit, configured to update the variable apparatus ID; and

a sending unit, configured to send an account login permission instruction and an updated variable apparatus ID to the mobile apparatus.


 
22. An apparatus for account login, comprising:

a sending unit, configured to send a login request to a server, wherein the login request comprises a variable apparatus ID; and

a receiving unit, configured to receive, from the server, a variable apparatus ID processed by the server and an account login permission instruction.


 




Drawing