diff --git a/dsAiTeachingModel/api/controller/UserController.py b/dsAiTeachingModel/api/controller/UserController.py
index e23d8f5f..bff5dd85 100644
--- a/dsAiTeachingModel/api/controller/UserController.py
+++ b/dsAiTeachingModel/api/controller/UserController.py
@@ -3,6 +3,7 @@ import re
 
 from fastapi import APIRouter, Request, Response, Depends
 from auth.dependencies import *
+from utils.CommonUtil import md5_encrypt
 from utils.Database import *
 from utils.ParseRequest import *
 
@@ -29,4 +30,21 @@ async def modify_telephone(request: Request):
 
 
 # 【Base-User-2】维护用户密码
-# @router.post("/modifyPassword")
+@router.post("/modifyPassword")
+async def modify_password(request: Request):
+    person_id = await get_request_str_param(request, "person_id", True, True)
+    old_password = await get_request_str_param(request, "old_password", True, True)
+    password = await get_request_str_param(request, "password", True, True)
+    # 校验旧密码是否正确
+    select_password_sql: str = "select pwdmd5 from t_sys_loginperson where person_id = '" + person_id + "' and b_use = 1"
+    userlist = await find_by_sql(select_password_sql, ())
+    if len(userlist) == 0:
+        return {"success": False, "message": "用户不存在"}
+    else:
+        if userlist[0]["pwdmd5"] != md5_encrypt(old_password):
+            return {"success": False, "message": "旧密码错误"}
+        else:
+            update_password_sql: str = "update t_sys_loginperson set original_pwd = '" + password + "',pwdmd5 = '" + md5_encrypt(password) + "' where person_id = '" + person_id + "'"
+            await execute_sql(update_password_sql)
+            return {"success": True, "message": "修改成功"}
+