diff --git a/sgzb-auth/src/main/java/com/bonus/sgzb/auth/controller/TokenController.java b/sgzb-auth/src/main/java/com/bonus/sgzb/auth/controller/TokenController.java
index 434f7818..13d5db07 100644
--- a/sgzb-auth/src/main/java/com/bonus/sgzb/auth/controller/TokenController.java
+++ b/sgzb-auth/src/main/java/com/bonus/sgzb/auth/controller/TokenController.java
@@ -3,8 +3,11 @@ package com.bonus.sgzb.auth.controller;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
 
+import com.bonus.sgzb.common.core.constant.CacheConstants;
+import com.bonus.sgzb.common.redis.service.RedisService;
 import com.bonus.sgzb.system.api.RemoteUserService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisConnectionUtils;
 import org.springframework.web.bind.annotation.*;
 import com.bonus.sgzb.auth.form.LoginBody;
 import com.bonus.sgzb.auth.form.RegisterBody;
@@ -21,18 +24,20 @@ import java.util.Map;
 
 /**
  * token 控制
- * 
+ *
  * @author ruoyi
  */
 @RestController
-public class TokenController
-{
+public class TokenController {
     @Autowired
     private TokenService tokenService;
 
     @Autowired
     private SysLoginService sysLoginService;
 
+    @Resource
+    private RedisService redisService;
+
     @Resource
     private RemoteUserService remoteUserService;
 
@@ -40,8 +45,14 @@ public class TokenController
     public R<?> login(@RequestBody LoginBody form) {
         // 用户登录
         LoginUser userInfo = sysLoginService.login(form.getUsername(), form.getPassword());
-        // 获取登录token
-        return R.ok(tokenService.createToken(userInfo));
+        String uuid = form.getUuid();
+        String captcha = redisService.getCacheObject(CacheConstants.CAPTCHA_CODE_KEY + uuid).toString();
+        if (form.getCode() != null && form.getCode().equals(captcha)) {
+            // 获取登录token
+            return R.ok(tokenService.createToken(userInfo));
+        } else {
+            return R.fail("验证码已过期，请刷新验证码");
+        }
     }
 
     @PostMapping("sendCode")
diff --git a/sgzb-auth/src/main/java/com/bonus/sgzb/auth/form/LoginBody.java b/sgzb-auth/src/main/java/com/bonus/sgzb/auth/form/LoginBody.java
index 6bba73cf..46ce1379 100644
--- a/sgzb-auth/src/main/java/com/bonus/sgzb/auth/form/LoginBody.java
+++ b/sgzb-auth/src/main/java/com/bonus/sgzb/auth/form/LoginBody.java
@@ -29,4 +29,6 @@ public class LoginBody {
      */
     private String phone;
 
+
+    private String uuid;
 }