阅读说明：本技术 验证短信验证码的方法及系统 (Method and system for verifying short message verification code ) 是由 覃健祥 于 2018-08-10 设计创作，主要内容包括：本发明主要是一种短信验证方法，验证方法主要是通过短信验证的系统位于网关，主要是使用网关接收客户端发送的获取验证码请求。同时在网关中生成验证码，将验证码进行存储。网关调用短信服务商接口将生成的验证码发送给客户端的手机。客户端将获取的短信验证码及调用的业务参数发送给网关。网关接收客户端发送的API业务参数和短信验证码。网关对验证码进行比对验证。相比较现有技术将短信验证功能设置在服务端，本发明将短信验证功能设置在网关中，由网关来进行短信验证的功能。网关使用统一的代码，可以实现不同程序服务端的短信验证功能。如果没有网关进行短信验证，需要在不同的客户端撰写短信验证功能，程序较复杂。(The invention mainly relates to a short message verification method, which is characterized in that a system for verifying through short messages is positioned in a gateway, and the gateway is mainly used for receiving a verification code acquisition request sent by a client. Meanwhile, a verification code is generated in the gateway and stored. And the gateway calls the short message service provider interface to send the generated verification code to the mobile phone of the client. And the client sends the acquired short message verification code and the called service parameter to the gateway. And the gateway receives the API service parameters and the short message verification codes sent by the client. And the gateway compares and verifies the verification code. Compared with the prior art that the short message verification function is arranged at the server side, the short message verification function is arranged in the gateway, and the gateway performs the short message verification function. The gateway uses the uniform code, and can realize the short message verification function of different program service terminals. If no gateway is used for short message verification, short message verification functions need to be written at different clients, and the program is complex.)

1. A short message verification method comprises a client, a server and a gateway, wherein a system for short message verification is located in the gateway, and the short message verification method is characterized in that: and the gateway receives a request for acquiring the verification code sent by the client. Meanwhile, a verification code is generated in the gateway and stored. And the gateway calls the short message service provider interface to send the generated verification code to the mobile phone of the client. And the client sends the acquired short message verification code and the called service parameter to the gateway. And the gateway receives the API service parameters and the short message verification codes sent by the client. And the gateway compares and verifies the verification code.

2. The short message authentication method as claimed in claim 1, wherein: the gateway receives a short message verification request process sent by a client, wherein the client refers to a terminal program, a user inputs a mobile phone number through the terminal program, a short message verification code acquisition program is started through a user interface, and the client sends a request for acquiring a short message verification code to the gateway.

3. The short message authentication method as claimed in claim 1, wherein: the gateway receives the client request and randomly generates the verification code, the number of the verification code is N-bit verification code, and the number of the verification code can be set according to requirements.

4. The short message authentication method as claimed in claim 3, wherein: and after the gateway generates the verification code, the verification code is stored at the same time.

5. The short message authentication method as claimed in claim 1, wherein: and the gateway calls the short message service provider interface to send the generated verification code to the client. The called short message service provider refers to a communication operator which can provide services such as conversation, short messages and the like.

6. The short message authentication method as claimed in claim 5, wherein: the short message service provider sends the short message to the mobile phone where the client is located, and the mobile phone receives the verification code in a short message mode.

7. The short message authentication method as claimed in claim 1, wherein: and the client sends the acquired short message verification code and the called service parameter to the gateway. The client side inputs the short message verification code as the verification code received by the user through the mobile phone, and the verification code is sent to the gateway. The service parameters are service parameters corresponding to the API gateway called by the client.

8. The short message authentication method as claimed in claim 1, wherein: and the gateway receives the API service parameters and the short message verification codes sent by the client. And when the gateway receives the data verification information sent by the client, calling the stored short message verification code according to the client information.

9. The short message authentication method as claimed in claim 1, wherein: the short message verification process is that the gateway compares the called and stored short message verification code with the received short message verification code sent by the client. And if the two parameters are consistent, performing a service parameter verification program. And if the short message verification code called by the gateway is inconsistent with the received short message verification code, returning error information.

10. A short message verification system is characterized in that the short message verification code system comprises: and the receiving module is used for receiving a verification code acquisition request sent by the client and receiving the service parameters sent by the client and the verification code sent by the client. And the verification code generation module is used for generating a random verification code when the client request is obtained. And the verification module is used for comparing and analyzing the stored short message verification codes and the verification codes sent by the client side and judging whether the two short message verification codes are consistent. And the sending module is used for sending the verification code to a short message operation service provider and sending the client request data service parameters to the server side.

The technical field is as follows:

the invention relates to the technical field of short message verification, in particular to a method and a system for sending a verification code by a short message.

Background art:

short message verification has become an important verification means. For example, the function of short message authentication is needed in internet systems such as a shopping website, friend-making software, internet bank payment and the like. Whether the client is real and limited can be verified through the short message verification function. The safety performance of user login is ensured. The current short message verification function is mostly arranged in a service end, and a user initiates a short message verification code request to reach the service end. The server side sends the short message verification code to the mobile phone of the user by calling a corresponding interface, the user fills the received short message verification code into a corresponding input frame and submits a request, and the server side receives whether the verification code input by the user is correct or not.

The invention content is as follows:

the invention aims to solve the technical problem. The correctness of the short message verification code is verified at the server side, and a verification program needs to be set at the server side for each step of verifying the correctness of the short message function. Corresponding program codes are required to be added at the server side to realize short message verification functions at different places. The functional program for short message verification at the server is complex, and the short message verification function in different functional areas needs to be set by spending more time and energy.

The technical scheme adopted by the invention for solving the technical problem is as follows:

and a gateway is arranged between the server and the client.

The gateway receives a short message verification request sent by the client. Meanwhile, a verification code is generated in the gateway and is stored in the database. And the gateway calls the short message service provider interface to send the generated verification code to the mobile phone of the client. And the client sends the acquired short message verification code and the called service parameter to the gateway. And the gateway receives the API service parameters and the short message verification codes sent by the client. And the gateway compares and verifies the verification code.

The gateway receives a short message verification request process sent by a client, wherein the client refers to a terminal program, a user inputs a mobile phone number through the terminal program, a short message verification code acquisition program is started through a user interface, and the client sends a request for acquiring a short message verification code to the gateway.

The gateway receives the client request and randomly generates the verification code, the number of the verification code can be a multi-bit verification code, and the number of the verification code can be set according to requirements.

And after the gateway generates the verification code, the verification code is stored in a server database where the gateway is located.

And the gateway calls the short message service provider interface to send the generated verification code to the client. The called short message service provider refers to a communication operator which can provide services such as conversation, short messages and the like.

The short message service provider sends the short message to the mobile phone where the client is located, and the mobile phone receives the verification code in a short message mode.

And the client sends the acquired short message verification code and the called service parameter to the gateway. The client side inputs the short message verification code as the verification code received by the user through the mobile phone, and the verification code is sent to the gateway. The service parameters are service parameters corresponding to the API gateway called by the client.

And the gateway receives the API service parameters and the short message verification codes sent by the client. And the gateway calls the stored short message verification code according to the client information when receiving the data verification information sent by the client.

Preferably, the short message verification process is that the gateway compares the called and stored short message verification code with the received short message verification code sent by the client. And if the two parameters are consistent, performing a service parameter verification program. And if the short message verification code called by the gateway is inconsistent with the received short message verification code, returning error information.

The receiving module is used for receiving the verification code acquisition request sent by the client, and simultaneously receiving the service parameters sent by the client and the verification code sent by the client. And the verification code generation module is used for generating a random verification code when the request of the client is obtained. And the verification module is used for verifying whether the short message verification codes are consistent.

Due to the adoption of the technical scheme, the invention has the following beneficial effects: compared with the prior art that the short message verification function is arranged at the server side, the short message verification function is arranged in the gateway, and the gateway performs the short message verification function. The gateway uses the uniform code, and can realize the short message verification function of different program service terminals. If no gateway is used for short message verification, short message verification functions need to be written at different clients, and the program is complex. Sometimes, the authentication code transmission fails due to the fact that the server side processes more programs.

Description of the drawings:

FIG. 1 shows a system diagram of the present invention;

fig. 2 is a system for verifying a gateway short message according to an embodiment of the present invention;

fig. 3 is a flowchart illustrating a gateway authentication short message procedure according to an embodiment of the present invention.

The specific implementation mode is as follows:

the invention is further illustrated with reference to the following figures and examples.

Fig. 1 is a configuration diagram of a system of the present invention, which includes a client, a server, and a gateway. A Client (Client), also called Client, refers to a program corresponding to a server and providing local services to clients. Except for some application programs which only run locally, the application programs are generally installed on common clients and need to be operated together with a server. The gateway plays a crucial role in the short message verification process. The short message is a generalized short message and comprises a mobile phone short message, an instant messaging short message, a pop-up short message based on a TCP/IP protocol, a webpage short message and other short message systems. The server is located in the server, and serves the client, and the content of the service is such as providing resources for the client and storing the client data. The gateway(s) may be a gateway(s),

the API (Application Programming Interface) is some predefined functions, and the Application encapsulates its service capability into the API and opens the API to the user for calling. The API includes basic information, request paths and parameters of the front and back ends, and request-related protocols. The gateway referred to in the present invention is an API gateway. The client may define the identity of an API caller. One API may be authorized for multiple applications or multiple APIs may be authorized for the same application. And when the client sends a request to the gateway, the client sends the API service parameter information in the calling client to the corresponding API gateway.

The API includes basic information, request paths and parameters of the front and back ends, and request-related protocols.

In the prior art, a short message verification function required to be set by a server is placed in the server, and when a user directly starts a client to send a verification code request, the client sends a verification code acquisition request to the server.

The verification method comprises the following steps: