diff --git a/app.py b/app.py
index cba278a..94ef79d 100644
--- a/app.py
+++ b/app.py
@@ -197,6 +197,59 @@ def get_db_connection():
         print(f"Database connection error: {e}")
         return None
 
+
+def generate_captcha():
+    # 生成6位随机验证码
+    captcha_code = ''.join(random.choices(string.ascii_uppercase + string.digits, k=6))
+    conn = get_db_connection()
+    if conn:
+        try:
+            cursor = conn.cursor()
+            # 清除旧的验证码
+            cursor.execute("DELETE FROM captcha WHERE created_at < NOW() - INTERVAL 10 MINUTE")
+            # 插入新验证码
+            cursor.execute("INSERT INTO captcha (code) VALUES (%s)", (captcha_code,))
+            conn.commit()
+            return captcha_code
+        except Error as e:
+            print(f"Database error: {e}")
+            return None
+        finally:
+            if conn.is_connected():
+                cursor.close()
+                conn.close()
+    return None
+
+
+def verify_captcha(user_input):
+    """验证用户输入的验证码是否正确（只验证最新的4位验证码）"""
+    conn = get_db_connection()
+    if conn:
+        try:
+            cursor = conn.cursor()
+            # 只查询最新的验证码（确保是4位的）
+            cursor.execute("""
+                SELECT code FROM captcha 
+                WHERE LENGTH(code) = 4  -- 只查询4位验证码
+                ORDER BY created_at DESC 
+                LIMIT 1
+            """)
+            result = cursor.fetchone()
+            if result and user_input.upper() == result[0]:
+                # 验证成功后删除已使用的验证码
+                cursor.execute("DELETE FROM captcha WHERE code = %s", (result[0],))
+                conn.commit()
+                return True
+            return False
+        except Error as e:
+            print(f"Database error: {e}")
+            return False
+        finally:
+            if conn.is_connected():
+                cursor.close()
+                conn.close()
+    return False
+
 def validate_name(name, max_length=64):
     """
     校验名称是否符合规范