diff --git a/src/main/java/com/example/copykamanotes/config/WebConfig.java b/src/main/java/com/example/copykamanotes/config/WebConfig.java
index ca84797..a3f2ba9 100644
--- a/src/main/java/com/example/copykamanotes/config/WebConfig.java
+++ b/src/main/java/com/example/copykamanotes/config/WebConfig.java
@@ -2,6 +2,7 @@ package com.example.copykamanotes.config;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
@@ -24,4 +25,14 @@ public class WebConfig implements WebMvcConfigurer {
                 .excludePathPatterns("/api/users/login", "/api/users/register");
     }
 
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        registry.addMapping("/**")
+                .allowedOrigins("http://localhost:5173", "http://127.0.0.1:5173")  // 允许的域名
+                .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS", "PATCH")// 允许的 HTTP 方法
+                .allowedHeaders("*")
+                .allowCredentials(true)
+                .maxAge(3600);
+    }
+
 }
diff --git a/src/main/java/com/example/copykamanotes/controller/UserController.java b/src/main/java/com/example/copykamanotes/controller/UserController.java
index 5a5f3e2..19bcd94 100644
--- a/src/main/java/com/example/copykamanotes/controller/UserController.java
+++ b/src/main/java/com/example/copykamanotes/controller/UserController.java
@@ -1,14 +1,9 @@
 package com.example.copykamanotes.controller;
 
 import com.example.copykamanotes.model.base.ApiResponse;
-import com.example.copykamanotes.model.dto.user.LoginRequest;
-import com.example.copykamanotes.model.dto.user.RegisterRequest;
-import com.example.copykamanotes.model.dto.user.UpdateUserRequest;
-import com.example.copykamanotes.model.dto.user.UserQueryParam;
+import com.example.copykamanotes.model.dto.user.*;
 import com.example.copykamanotes.model.entity.User;
-import com.example.copykamanotes.model.vo.user.AvatarVO;
-import com.example.copykamanotes.model.vo.user.LoginUserVO;
-import com.example.copykamanotes.model.vo.user.RegisterVO;
+import com.example.copykamanotes.model.vo.user.*;
 import com.example.copykamanotes.service.UserService;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -76,4 +71,11 @@ public class UserController {
     ) {
         return userService.getUserList(userQueryParam);
     }
+
+    @PostMapping("/users/resetPassword")
+    public ApiResponse<UserVO> updateUserPassword(
+            @RequestBody UserRestPasswordRequest userRestPasswordRequest
+            ) {
+        return userService.updateUserPassword(userRestPasswordRequest.getOldPassword(), userRestPasswordRequest.getNewPassword());
+    }
 }
diff --git a/src/main/java/com/example/copykamanotes/mapper/UserMapper.java b/src/main/java/com/example/copykamanotes/mapper/UserMapper.java
index abbf04a..0e83250 100644
--- a/src/main/java/com/example/copykamanotes/mapper/UserMapper.java
+++ b/src/main/java/com/example/copykamanotes/mapper/UserMapper.java
@@ -26,6 +26,8 @@ public interface UserMapper {
 
     int update(User user);
 
+    int updatePassword(@Param("userId") Long userId, @Param("password") String password);
+
     List<User> findByIds(@Param("userIds") List<Long> userIds);
 
     int countByQueryParam(@Param("queryParams") UserQueryParam userQueryParam);
diff --git a/src/main/java/com/example/copykamanotes/model/dto/user/UserRestPasswordRequest.java b/src/main/java/com/example/copykamanotes/model/dto/user/UserRestPasswordRequest.java
new file mode 100644
index 0000000..72a31ef
--- /dev/null
+++ b/src/main/java/com/example/copykamanotes/model/dto/user/UserRestPasswordRequest.java
@@ -0,0 +1,10 @@
+package com.example.copykamanotes.model.dto.user;
+
+import lombok.Data;
+
+@Data
+public class UserRestPasswordRequest {
+    private String account;
+    private String oldPassword;
+    private String newPassword;
+}
diff --git a/src/main/java/com/example/copykamanotes/service/UserService.java b/src/main/java/com/example/copykamanotes/service/UserService.java
index e59fcd5..0e72e5b 100644
--- a/src/main/java/com/example/copykamanotes/service/UserService.java
+++ b/src/main/java/com/example/copykamanotes/service/UserService.java
@@ -66,6 +66,8 @@ public interface UserService {
      */
     Map<Long, User> getUserMapByIds(List<Long> authorIds);
 
+    ApiResponse<UserVO> updateUserPassword(String oldPassword, String newPassword);
+
     /**
      * 获取用户列表
      * @param userQueryParam 查询参数
diff --git a/src/main/java/com/example/copykamanotes/service/impl/UserServiceImpl.java b/src/main/java/com/example/copykamanotes/service/impl/UserServiceImpl.java
index 98312f8..f2da4a7 100644
--- a/src/main/java/com/example/copykamanotes/service/impl/UserServiceImpl.java
+++ b/src/main/java/com/example/copykamanotes/service/impl/UserServiceImpl.java
@@ -32,6 +32,7 @@ import org.springframework.web.multipart.MultipartFile;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
+import java.util.Objects;
 import java.util.stream.Collectors;
 
 @Log4j2
@@ -233,4 +234,33 @@ public class UserServiceImpl implements UserService {
             return ApiResponseUtil.error("上传失败");
         }
     }
+
+    @Override
+    public ApiResponse<UserVO> updateUserPassword(String oldPassword, String newPassword) {
+        Long userId = requestScopeData.getUserId();
+
+        if (userId == null) {
+            return ApiResponseUtil.error("未登录");
+        }
+
+        User user = null;
+        user = userMapper.findById(userId);
+        if (user == null || !passwordEncoder.matches(oldPassword, user.getPassword())) {
+            return ApiResponseUtil.error("旧密码错误");
+        }
+
+        if (Objects.equals(oldPassword, newPassword)) {
+            return ApiResponseUtil.error("新密码不能与旧密码相同");
+        }
+
+        user.setPassword(passwordEncoder.encode(newPassword));
+
+        try {
+            userMapper.updatePassword(user.getUserId(), user.getPassword());
+            return ApiResponseUtil.success("更新密码成功");
+        } catch (Exception e) {
+            log.error("更新密码失败", e);
+            return ApiResponseUtil.error("更新密码失败");
+        }
+    }
 }
diff --git a/src/main/resources/mapper/UserMapper.xml b/src/main/resources/mapper/UserMapper.xml
index c3d6c9b..3dc63ed 100644
--- a/src/main/resources/mapper/UserMapper.xml
+++ b/src/main/resources/mapper/UserMapper.xml
@@ -63,6 +63,12 @@
         where user_id = #{userId}
     </update>
 
+    <update id="updatePassword" parameterType="com.example.copykamanotes.model.entity.User">
+        UPDATE user
+        SET password = #{password}
+        WHERE user_id = #{userId}
+    </update>
+
     <select id="findByIds" resultType="com.example.copykamanotes.model.entity.User">
         SELECT *
         FROM user