diff --git a/app/Http/Controllers/Module/UserController.php b/app/Http/Controllers/Module/UserController.php
index a760180..295c341 100644
--- a/app/Http/Controllers/Module/UserController.php
+++ b/app/Http/Controllers/Module/UserController.php
@@ -126,4 +126,30 @@ public function auth($token): JsonResponse
             ]
         )) : $this->notFound();
     }
+
+    public function attempt(Request $request)
+    {
+        $request->validate([
+            'email' => 'required|email',
+            'password' => 'required|string',
+            'require_token' => 'nullable|boolean',
+            'abilities' => 'nullable|array',
+        ]);
+
+        // 验证
+        $user = User::where('email', $request->input('email'))->first();
+        if ($user === null) {
+            return $this->error('用户不存在。');
+        }
+
+        if (password_verify($request->input('password'), $user->password) === false) {
+            return $this->error('密码错误。');
+        }
+
+        if ($request->input('require_token')) {
+            $user['token'] = $user->createToken('模块创建', $request->input('abilities', ['*']))->plainTextToken;
+        }
+
+        return $this->success($user);
+    }
 }
diff --git a/routes/modules.php b/routes/modules.php
index feeb7bc..21f0820 100644
--- a/routes/modules.php
+++ b/routes/modules.php
@@ -23,6 +23,7 @@
 Route::apiResource('work-orders.replies', ReplyController::class);
 
 // 用户信息
+Route::post('users/attempt', [UserController::class, 'attempt']);
 Route::resource('users', UserController::class)->only(['index', 'show', 'update', 'store']);
 
 Route::get('token/{token}', [UserController::class, 'auth']);