diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
index 80c2720e..ed2ad65f 100644
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/controller/UserLoginController.java
@@ -9,8 +9,11 @@ import io.swagger.annotations.ApiOperation;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 
+import javax.validation.Valid;
+
+
 /**
- * @auther River
+* @auther River
  * @date 2020/9/22 15:27
  */
 @RestController
@@ -34,7 +37,7 @@ public class UserLoginController {
     }
 
     @PostMapping("/getBackPwd")
-    public ResponseResult getBackPwd(@RequestBody UserLoginRequest user){
+    public ResponseResult getBackPwd(@RequestBody @Valid UserLoginRequest user){
         boolean result = userLoginService.getBackPwd(user);
         return result ? ResponseResult.SUCCESS() : ResponseResult.FAIL();
     }
@@ -42,17 +45,17 @@ public class UserLoginController {
     @PostMapping(value = "/login")
     @ApiOperation(value = "用户登录")
     public ResponseResult login(
-            //@RequestBody LoginRequest loginRequest
-            @RequestParam("password") String password, @RequestParam("phone") String phone,
+            @RequestBody LoginRequest loginRequest
+/*            @RequestParam("password") String password, @RequestParam("phone") String phone,
             @RequestParam("type")int type, @RequestParam("wechatId") String wechatId,
-            @RequestParam("tenDayEffective") int tenDayEffective
+            @RequestParam("tenDayEffective") int tenDayEffective*/
             ){
-        LoginRequest loginRequest = new LoginRequest();
+/*        LoginRequest loginRequest = new LoginRequest();
         loginRequest.setTenDayEffective(tenDayEffective);
         loginRequest.setType(type);
         loginRequest.setWechatId(wechatId);
         loginRequest.setPassword(password);
-        loginRequest.setPhone(phone);
+        loginRequest.setPhone(phone);*/
         return userLoginService.login(loginRequest);
     }
 }
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/dao/UserLoginDao.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/dao/UserLoginDao.java
index 40f41009..439b9691 100644
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/dao/UserLoginDao.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/dao/UserLoginDao.java
@@ -18,4 +18,5 @@ public interface UserLoginDao extends BaseMapper<UserEntity> {
     int updatePasswordByPhoneAccount(@Param("phoneAccount") String phoneAccount, @Param("password") String password);
 
     UserEntity login(LoginRequest loginRequest);
+    UserEntity selectByPhoneAccount(String phoneAccount);
 }
diff --git a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java
index 7d5332ed..824f8f49 100644
--- a/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java
+++ b/dq-financial-hrms-auth/src/main/java/com/daqing/financial/hrauth/service/impl/UserLoginServiceImpl.java
@@ -14,12 +14,9 @@ import com.daqing.framework.model.response.CommonCode;
 import com.daqing.framework.model.response.ResponseResult;
 import com.daqing.framework.util.Md5Util;
 import org.apache.commons.lang3.StringUtils;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;
 
 import javax.annotation.Resource;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
 
 /**
  * @auther River
@@ -66,20 +63,17 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginDao, UserEntity>
 
         int count = userLoginDao.selectCount(user.getPhoneAccount());
         if (count == 0) {
-            ExceptionCast.cast(HrmsCode.PHNOE_ACCOUNT_NOT_EMPTY);
+            ExceptionCast.cast(HrmsCode.PHNOE_ACCOUNT_NOT_EXIST);
         }
+        //根据手机号查询相关信息
+        UserEntity userEntity = baseMapper.selectByPhoneAccount(user.getPhoneAccount());
         //判断验证码是否匹配
         String verify = "123456";
         if(!verify.equals(user.getVerifyCode())){
             ExceptionCast.cast(HrmsCode.VERIFY_CODE_ILLEGAL);
         }
-        //密码格式校验
-        Pattern pattern = Pattern.compile("^(?=.*[0-9].*)(?=.*[A-Z].*)(?=.*[a-z].*).{6,20}$");
-        Matcher match = pattern.matcher(user.getNewPwd());
-        if(!match.matches()){
-            ExceptionCast.cast(HrmsCode.NEW_PASSWORD_ILLEGAL);
-        }
-        String newMD5 = new BCryptPasswordEncoder().encode(user.getNewPwd());
+
+        String newMD5 = Md5Util.md5(user.getNewPwd()+userEntity.getId());
         //根据手机号码修改密码
         int i = userLoginDao.updatePasswordByPhoneAccount(user.getPhoneAccount(),newMD5);
         return i > 0;
diff --git a/dq-financial-hrms-auth/src/main/resources/mapper/hrmsauth/UserLoginMapper.xml b/dq-financial-hrms-auth/src/main/resources/mapper/hrmsauth/UserLoginMapper.xml
index 726e4d93..9a66957d 100644
--- a/dq-financial-hrms-auth/src/main/resources/mapper/hrmsauth/UserLoginMapper.xml
+++ b/dq-financial-hrms-auth/src/main/resources/mapper/hrmsauth/UserLoginMapper.xml
@@ -34,5 +34,8 @@
         </if>
 
     </select>
+    <select id="selectByPhoneAccount" resultType="com.daqing.framework.domain.hrms.UserEntity">
+        SELECT id,account FROM hrms_user WHERE phone_account = #{phoneAccount}
+    </select>
 
 </mapper>
\ No newline at end of file
diff --git a/dq-framework-common/src/main/java/com/daqing/framework/exception/ExceptionCatch.java b/dq-framework-common/src/main/java/com/daqing/framework/exception/ExceptionCatch.java
index d339522f..742da376 100644
--- a/dq-framework-common/src/main/java/com/daqing/framework/exception/ExceptionCatch.java
+++ b/dq-framework-common/src/main/java/com/daqing/framework/exception/ExceptionCatch.java
@@ -7,6 +7,7 @@ import com.google.common.collect.ImmutableMap;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.converter.HttpMessageNotReadableException;
+import org.springframework.web.bind.MethodArgumentNotValidException;
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.ResponseBody;
@@ -60,4 +61,16 @@ public class ExceptionCatch {
         ResultCode resultCode = customException.getResultCode();
         return new ResponseResult(resultCode);
     }
+
+    @ExceptionHandler(MethodArgumentNotValidException.class)//捕获CustomException类型异常
+    @ResponseBody
+    public ResponseResult MethodArgumentNotValidException(MethodArgumentNotValidException customException) {
+        customException.printStackTrace();
+        //记录日志
+        LOGGER.error("catch exception:{}", customException.getMessage());
+        String message = customException.getBindingResult().getAllErrors().get(0).getDefaultMessage();
+        int code =402;
+
+        return ResponseResult.FAIL(code,message);
+    }
 }
\ No newline at end of file
diff --git a/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/request/UserLoginRequest.java b/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/request/UserLoginRequest.java
index bb485b32..13b39d2c 100644
--- a/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/request/UserLoginRequest.java
+++ b/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/request/UserLoginRequest.java
@@ -18,12 +18,8 @@ public class UserLoginRequest implements Serializable {
 	/**
 	 * 手机账号
 	 */
+	@Pattern(regexp = "^1(3([0-35-9]\\d|4[1-8])|4[14-9]\\d|5([0125689]\\d|7[1-79])|66\\d|7[2-35-8]\\d|8\\d{2}|9[13589]\\d)\\d{7}$",message = "手机号格式不正确！")
 	private String phoneAccount;
-	/**A
-	 * 密码
-	 */
-	@Pattern(regexp = "^[a-zA-Z0-9]{8,20}$")
-	private String password;
 
 	/**
 	 * 验证码
@@ -32,5 +28,6 @@ public class UserLoginRequest implements Serializable {
 	/**
 	 * 新密码
 	 */
+	@Pattern(regexp = "^(?=.*[0-9].*)(?=.*[A-Z].*)(?=.*[a-z].*).{6,20}$",message = "密码格式不正确！")
 	private String newPwd;
 }
diff --git a/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/response/HrmsCode.java b/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/response/HrmsCode.java
index 34c752d1..52fcc512 100644
--- a/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/response/HrmsCode.java
+++ b/dq-framework-model/src/main/java/com/daqing/framework/domain/hrms/response/HrmsCode.java
@@ -21,11 +21,12 @@ public enum HrmsCode implements ResultCode {
     DEPT_EMP_EXSIT(false, 22004, "请将部门下所有员工移除后再执行删除操作！"),
     DEPT_POSITION_EXSIT(false, 22005, "该部门下已存在该职位！"),
 
-    PHNOE_ACCOUNT_NOT_EMPTY(false,33001,"手机号码为空"),
-    VERIFY_CODE_NOT_EMPTY(false,33002,"短信验证码为空"),
-    NEW_PASSWORD_NOT_EMPTY(false,33003,"新密码不能为空"),
-    NEW_PASSWORD_ILLEGAL(false,33004,"新密码格式不正确"),
-    VERIFY_CODE_ILLEGAL(false,33005,"验证码不匹配"),
+    PHNOE_ACCOUNT_NOT_EMPTY(false,33001,"手机号码为空！"),
+    VERIFY_CODE_NOT_EMPTY(false,33002,"短信验证码为空！"),
+    NEW_PASSWORD_NOT_EMPTY(false,33003,"新密码不能为空！"),
+    NEW_PASSWORD_ILLEGAL(false,33004,"新密码格式不正确！"),
+    VERIFY_CODE_ILLEGAL(false,33005,"验证码不匹配！"),
+    PHNOE_ACCOUNT_NOT_EXIST(false,33006,"手机号码不存在！"),
     EMP_POSITION_EXSIT(false, 22006, "该职位下已关联员工！");