diff --git a/app/Http/Controllers/User/UserController.php b/app/Http/Controllers/User/UserController.php
index fddb91b2..d9aec8ba 100755
--- a/app/Http/Controllers/User/UserController.php
+++ b/app/Http/Controllers/User/UserController.php
@@ -4,6 +4,7 @@ namespace App\Http\Controllers\User;
 
 use App\Http\Controllers\Controller;
 use App\Http\Requests\User\UserUpdate;
+use App\Http\Requests\User\UserChangePassword;
 use Illuminate\Http\Request;
 use App\Models\User;
 use App\Models\Plan;
@@ -23,14 +24,8 @@ class UserController extends Controller
         ]);
     }
 
-    public function changePassword(Request $request)
+    public function changePassword(UserChangePassword $request)
     {
-        if (empty($request->input('old_password'))) {
-            abort(500, '旧密码不能为空');
-        }
-        if (empty($request->input('new_password'))) {
-            abort(500, '新密码不能为空');
-        }
         $user = User::find($request->session()->get('id'));
         if (!Helper::multiPasswordVerify(
             $user->password_algo,
diff --git a/app/Http/Requests/User/UserChangePassword.php b/app/Http/Requests/User/UserChangePassword.php
new file mode 100644
index 00000000..1b45297a
--- /dev/null
+++ b/app/Http/Requests/User/UserChangePassword.php
@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Http\Requests\User;
+
+use Illuminate\Foundation\Http\FormRequest;
+
+class UserChangePassword extends FormRequest
+{
+    /**
+     * Get the validation rules that apply to the request.
+     *
+     * @return array
+     */
+    public function rules()
+    {
+        return [
+            'old_password' => 'required',
+            'new_password' => 'required|min:8'
+        ];
+    }
+
+    public function messages()
+    {
+        return [
+            'old_password.required' => '旧密码不能为空',
+            'new_password.required' => '新密码不能为空',
+            'new_password.min' => '密码必须大于8位数'
+        ];
+    }
+}