diff --git a/application/admin/config.php b/application/admin/config.php
index 3779064..843ac5c 100644
--- a/application/admin/config.php
+++ b/application/admin/config.php
@@ -1,5 +1,5 @@
 <?php
 //配置文件
 return [
-
+    'auth_key' => 'mbvUenPqbpxT5WTAXXkFVPHF})0AOGfsMIN01XLu52SgS<R]DQDfj6TlThl897Qd',
 ];
\ No newline at end of file
diff --git a/application/admin/controller/User.php b/application/admin/controller/User.php
index 6efe3bb..5ba472e 100644
--- a/application/admin/controller/User.php
+++ b/application/admin/controller/User.php
@@ -1,6 +1,6 @@
 <?php
 /**
- *
+ * 用户登录类
  * @since   2016-02-18
  * @author  zhaoxiang <zhaoxiang051405@outlook.com>
  */
@@ -8,22 +8,33 @@
 namespace app\admin\controller;
 
 
+use think\Db;
 use think\Request;
 
-class User extends Base  {
+class User extends Base {
     public function login(){
         $request = Request::instance();
         if( $request->isPost() ){
             $username = $request->post('username');
             $password = $request->post('password');
             if( !$username || !$password ){
-                $this->error('缺少关键数据！');
+                return $this->error('缺少关键数据！');
             }
-            if( $request->post('name') ){
+            $password = $this->getPwdHash($password);
+            $isOk = Db::table('users')->where(['username' => $username, 'password' => $password])->count();
+            if( !$isOk ){
+                $this->error('用户名或者密码错误！');
+            }else{
 
             }
         }else{
             return $this->fetch();
         }
     }
+
+    private function getPwdHash( $pwd ){
+        $hashKey = config('auth_key');
+        $newPwd = $pwd.$hashKey;
+        return md5(sha1($newPwd).$hashKey);
+    }
 }
\ No newline at end of file