diff --git a/apps/auth/urls.py b/apps/auth/urls.py
index 415032d..223e312 100644
--- a/apps/auth/urls.py
+++ b/apps/auth/urls.py
@@ -5,4 +5,5 @@ urlpatterns = [
     path("gettoken/", views.gettoken, name="getToken"),
     path("searchuser/", views.search_user, name="searchuser"),
     path("adduser/", views.add_user, name="addUser"),
+    path("login/", views.login_user, name="loginUser"),
 ]
diff --git a/apps/auth/views.py b/apps/auth/views.py
index 46b658c..05cb66c 100644
--- a/apps/auth/views.py
+++ b/apps/auth/views.py
@@ -1,3 +1,4 @@
+import binascii
 import json, datetime, base64
 from django.shortcuts import HttpResponse
 from django.middleware.csrf import get_token
@@ -41,7 +42,7 @@ def add_user(request):
     :return: 注册结果
     """
     username = request.POST.get("username")
-    pwd_base64 = base64.b64decode(request.POST.get("pwd"))
+    pwd_base64 = base64.b64encode(request.POST.get("pwd"))
     pwd = make_password(pwd_base64)
     email = request.POST.get("email")
     phone = request.POST.get("phone")
@@ -59,3 +60,25 @@ def add_user(request):
         avatar=avatar
     )
     return HttpResponse("添加用户成功")
+
+
+@require_POST
+def login_user(request):
+    """
+    用户登录，验证用户密码是否正确，正确返回菜单，错误返回用户名或密码不正确
+    :param request:
+    :return:
+    """
+    try:
+        username = request.POST.get("username")
+        pwd_input = base64.b64decode(request.POST.get("pwd"))
+        pwd_made = auth_models.User.objects.filter(username=username).first().pwd
+        pwd = check_password(pwd_input, pwd_made)
+        if pwd:
+            return HttpResponse(True)
+        else:
+            return HttpResponse("用户名或密码不正确")
+    except binascii.Error as e:
+        return HttpResponse("base64解码失败")
+    except Exception as e:
+        return HttpResponse("报错了")