diff --git a/src/api/system/captcha.lua b/src/api/system/captcha.lua
index 41c4c6b..23e3777 100644
--- a/src/api/system/captcha.lua
+++ b/src/api/system/captcha.lua
@@ -17,6 +17,12 @@ local routes = {
         methods = { "GET" },
         handler = systemCaptcha.getCaptcha,
     },
+    --验证码图片校验相关路由接口
+    {
+        paths = { "/yum/v1/system/captcha/check" },
+        methods = { "GET" },
+        handler = systemCaptcha.checkCaptcha,
+    },
 }
 
 -- 初始化路由
diff --git a/src/service/system/captcha.lua b/src/service/system/captcha.lua
index 63480c1..5e47ad4 100644
--- a/src/service/system/captcha.lua
+++ b/src/service/system/captcha.lua
@@ -10,10 +10,15 @@ local status = require("util.status")
 local resp = require("util.response")
 local genpic = require("util.generatechaptcha")
 local red = require("share.redis")
+local validator = require("validator.system.captcha")
 
 --生成图片文件
 function _M.getCaptcha()
     local filename, base64_data, captchaText = genpic.get_captcha_base64()
+    if base64_data == nil then
+        ngx.status = 500
+        ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR)
+    end
     --将文件名存储到redis中 超时时间5分钟
     local key = "captcha-"..filename
     red:set(key, captchaText)
@@ -29,16 +34,47 @@ end
 
 --验证图片上的验证码
 function _M.checkCaptcha()
-
+    --获取请求中参数
+    local args = ngx.req.get_uri_args()
+    -- 校验客户端请求参数
+    local ok = validator.validateCheck(args)
+    --验证失败则返回
+    if not ok then
+        ngx.exit(ngx.HTTP_BAD_REQUEST)
+    end
+    local picgid = args["picgid"]
+    local code = args["code"]
+    local key = "captcha-"..picgid
+    local captchaText, err = red:get(key)
+    if not captchaText or captchaText == ngx.null then
+        resp:response(status.AUTH_CODE_INVALID)
+        return
+    end
+    if captchaText ~= string.upper(code) then
+        --print("captchaText:", captchaText, " code:", code)
+        resp:response(status.AUTH_CODE_ERROR)
+        red:del(key)
+        return
+    end
+    red:del(key)
+    resp:response(status.SUCCESS)
 end
 
 --验证码删除
 function _M.deleteCaptcha()
     --获取请求中参数
     local args = ngx.req.get_uri_args()
+    -- 校验客户端请求参数
+    local ok = validator.validateAuthorize(args)
+    --验证失败则返回
+    if not ok then
+        ngx.exit(ngx.HTTP_BAD_REQUEST)
+    end
     --其中image为要删除的验证码图片的picgid。
     local picgid = args["picgid"]
-    red:del(picgid)
+    local key = "captcha-"..picgid
+    red:del(key)
+    resp:response(status.SUCCESS)
 end
 
 return _M
\ No newline at end of file
diff --git a/src/util/generatechaptcha.lua b/src/util/generatechaptcha.lua
index 08eb15e..84a0755 100644
--- a/src/util/generatechaptcha.lua
+++ b/src/util/generatechaptcha.lua
@@ -41,10 +41,13 @@ local function generate_captcha()
     gd.useFontConfig(true)
     for i = 1, 4 do
         local char = string.sub(captcha_text, i, i)
-        local x = 10 + (i - 1) * 25 + math.random(-5,5)
-        local y = 10 + math.random(-5,5)
-        local angle = math.random(-20, 20)
-        im:stringFT(black, "Arial:bold", 18, angle, x, y, char)
+        local x = 20 + (i - 1) * 25 + math.random(-5,5)
+        local y = 25 + math.random(-5,5)
+        local angle = math.random () / math.pi
+        -- 设置字体大小
+        local fontsize = math.random(10,20)
+        -- 在图像上添加文本
+        im:stringFT(black, "Arial:bold", fontsize, angle, x, y, char)
     end
     -- 添加干扰线
     for i = 1, 5 do
diff --git a/src/util/status.lua b/src/util/status.lua
index 62f0ea4..0d3b6e3 100644
--- a/src/util/status.lua
+++ b/src/util/status.lua
@@ -52,6 +52,7 @@ local _M = {
     DATA_IS_WRONG = { code = 1005, message = "数据有误" },
     DATA_ALREADY_EXISTED = { code = 1006, message = "数据已存在" },
     AUTH_CODE_ERROR = { code = 1007, message = "验证码错误" },
+    AUTH_CODE_INVALID = { code = 1007, message = "验证码无效" },
 
     -- 注册错误：1100-1199
     REG_USERNAME_EXIST = { code = 1100, message = "注册失败，用户名已存在" },
diff --git a/src/validator/system/captcha.lua b/src/validator/system/captcha.lua
new file mode 100644
index 0000000..fa90b3b
--- /dev/null
+++ b/src/validator/system/captcha.lua
@@ -0,0 +1,45 @@
+---
+--- Generated by EmmyLua(https://github.com/EmmyLua)
+--- Created by frankly.
+--- DateTime: 2025/11/21 15:08
+--- 验证码参数校验文件
+local jsonschema = require("jsonschema")
+
+local _M = {}
+
+-- 定义一个JSON Schema
+local schemaCheck = {
+    type = "object",
+    properties = {
+        picgid = { type = "string" },
+        code = { type = "string" }
+    },
+    required = { "picgid", "code" }
+}
+
+--获取授权码
+function _M.validateCheck(jsonData)
+    -- 验证数据是否符合schema
+    local validator = jsonschema.generate_validator(schemaCheck)
+    local result = validator(jsonData)
+    return result
+end
+
+-- 定义一个JSON Schema
+local schemaDelete = {
+    type = "object",
+    properties = {
+        picgid = { type = "string" },
+    },
+    required = { "picgid" }
+}
+
+--获取授权码
+function _M.validateDelete(jsonData)
+    -- 验证数据是否符合schema
+    local validator = jsonschema.generate_validator(schemaDelete)
+    local result = validator(jsonData)
+    return result
+end
+
+return _M
\ No newline at end of file