diff --git a/app_admin/views.py b/app_admin/views.py
index c580622..f2b4644 100644
--- a/app_admin/views.py
+++ b/app_admin/views.py
@@ -49,6 +49,13 @@ def log_in(request):
         try:
             username = request.POST.get('username','')
             pwd = request.POST.get('password','')
+            # 判断是否需要验证码
+            require_login_check_code = SysSetting.objects.filter(types="basic",name="enable_login_check_code")
+            if (len(require_login_check_code) > 0) and (require_login_check_code[0].value == 'on'):
+                checkcode = request.POST.get("check_code", None)
+                if checkcode != request.session['CheckCode'].lower():
+                    errormsg = '验证码错误！'
+                    return render(request, 'login.html', locals())
             if username != '' and pwd != '':
                 user = authenticate(username=username,password=pwd)
                 if user is not None:
@@ -713,6 +720,7 @@ def admin_setting(request):
             img_scale = request.POST.get('img_scale',None) # 图片缩略
             enable_register_code = request.POST.get('enable_register_code',None) # 注册邀请码
             enable_project_report = request.POST.get('enable_project_report',None) # 文集导出
+            enable_login_check_code = request.POST.get('enable_login_check_code',None) # 登录验证码
             # 更新首页文集默认排序
             SysSetting.objects.update_or_create(
                 name='index_project_sort',
@@ -793,6 +801,12 @@ def admin_setting(request):
                 name = 'enable_project_report',
                 defaults={'value':enable_project_report,'types':'basic'}
             )
+            # 更新登录验证码状态
+            SysSetting.objects.update_or_create(
+                name = 'enable_login_check_code',
+                defaults={'value':enable_login_check_code,'types':'basic'}
+            )
+
 
             return render(request,'app_admin/admin_setting.html',locals())
         # 邮箱设置
diff --git a/app_doc/views.py b/app_doc/views.py
index 0126b92..4e3879f 100644
--- a/app_doc/views.py
+++ b/app_doc/views.py
@@ -2515,7 +2515,7 @@ def manage_attachment(request):
                     attachment_suffix_list = ['zip']
                 allow_attachment = False
                 for suffix in attachment_suffix_list:
-                    if attachment_name.split('.')[-1] in attachment_suffix_list:
+                    if attachment_name.split('.')[-1].lower() in attachment_suffix_list:
                         allow_attachment = True
                 if allow_attachment:
                     a = Attachment.objects.create(
diff --git a/template/app_admin/admin_setting.html b/template/app_admin/admin_setting.html
index fc18b5d..396cf30 100644
--- a/template/app_admin/admin_setting.html
+++ b/template/app_admin/admin_setting.html
@@ -101,6 +101,15 @@
                     </div>
                     <div class="layui-form-mid layui-word-aux">开启此选项，新用户注册将需要填写注册码</div>
                   </div>
+                  <!-- 登录验证码开关 -->
+                  <div class="layui-form-item">
+                    <label class="layui-form-label">登录验证码</label>
+                    <div class="layui-input-inline">
+                      <input type="checkbox" name="enable_login_check_code" lay-skin="switch" lay-text="开启|关闭"  {% if enable_login_check_code %}checked{% endif %}>
+                    </div>
+                    <div class="layui-form-mid layui-word-aux">开启此选项，登录将需要填写验证码</div>
+                  </div>
+                  
                   <!-- 文集导出开关 -->
                    <div class="layui-form-item">
                     <label class="layui-form-label">文集下载</label>
diff --git a/template/app_doc/project.html b/template/app_doc/project.html
index 31f55a3..39b8ebd 100644
--- a/template/app_doc/project.html
+++ b/template/app_doc/project.html
@@ -10,7 +10,7 @@
     {% if request.user == project.create_user or colla_user > 0 %}
         <span class="btn pull-left">|</span>
         <a class="btn pull-left" href="{% url 'create_doc' %}?pid={{project.id}}" target="_blank">
-            <i class="fa fa-plus-square"></i> <span class="layui-hide-xs">{% trans "添加" %}</span>
+            <i class="layui-icon layui-icon-add-1"></i> <span class="layui-hide-xs">{% trans "添加" %}</span>
         </a>
     {% endif %}
     {% if request.user == project.create_user %}
diff --git a/template/login.html b/template/login.html
index 3fae421..80b000d 100644
--- a/template/login.html
+++ b/template/login.html
@@ -72,6 +72,20 @@
                       <input type="password" name="password" required  lay-verify="required" placeholder="请输入密码" autocomplete="off" class="layui-input" value="{{pwd}}">
                     </div>
                 </div>
+                {% if enable_login_check_code == 'on' %}
+                <div class="layui-form-item">
+                    <div class="layui-input-inline">
+                        <input type="text" class="layui-input" placeholder="请输入验证码" name="check_code" autocomplete="off">
+                            <img src="{% url 'check_code' %}" onclick="ChangeCode(this);">
+                            <script>
+                                // 点击一次,更改图片内容,
+                                function ChangeCode(ths){
+                                    ths.src = ths.src + '?';
+                                }
+                            </script>
+                    </div>
+                </div>
+                {% endif %}
                 <div class="layui-form-item">
                     <div class="layui-input-inline login-input">
                         <button class="layui-btn layui-btn-fluid layui-btn-radius  layui-btn-normal" lay-submit lay-filter="formDemo" type="submit">{% trans "登录" %}</button>
diff --git a/template/register.html b/template/register.html
index 61be7a1..5cc1643 100644
--- a/template/register.html
+++ b/template/register.html
@@ -80,7 +80,7 @@
                 </div>
                 <div class="layui-form-item">
                     <div class="layui-input-inline">
-                        <input type="text" class="layui-input" placeholder="请输入验证码" name="check_code">
+                        <input type="text" class="layui-input" placeholder="请输入验证码" name="check_code" autocomplete="off">
                             <img src="{% url 'check_code' %}" onclick="ChangeCode(this);">
                             <script>
                                 // 点击一次,更改图片内容,
