diff --git a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthorizationController.java b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthorizationController.java
index 634356d5..3952c48b 100644
--- a/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthorizationController.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/rest/AuthorizationController.java
@@ -80,10 +80,14 @@ public class AuthorizationController {
         // 清除验证码
         redisUtils.del(authUser.getUuid());
         if (StringUtils.isBlank(code)) {
-            throw new BadRequestException("验证码不存在或已过期");
+            Map<String, String> errorData = new HashMap<>(2);
+            errorData.put("message", "验证码不存在或已过期");
+            return new ResponseEntity<>(errorData, HttpStatus.BAD_REQUEST);
         }
         if (StringUtils.isBlank(authUser.getCode()) || !authUser.getCode().equalsIgnoreCase(code)) {
-            throw new BadRequestException("验证码错误");
+            Map<String, String> errorData = new HashMap<>(2);
+            errorData.put("message", "验证码错误");
+            return new ResponseEntity<>(errorData, HttpStatus.BAD_REQUEST);
         }
         UsernamePasswordAuthenticationToken authenticationToken =
                 new UsernamePasswordAuthenticationToken(authUser.getUsername(), password);