diff --git a/app/Endpoint/Api/Http/Controllers/Dealer/OrderController.php b/app/Endpoint/Api/Http/Controllers/Dealer/OrderController.php
index f77b69ad..600e010b 100644
--- a/app/Endpoint/Api/Http/Controllers/Dealer/OrderController.php
+++ b/app/Endpoint/Api/Http/Controllers/Dealer/OrderController.php
@@ -6,6 +6,7 @@ use App\Endpoint\Api\Http\Controllers\Controller;
 use App\Endpoint\Api\Http\Resources\Dealer\OrderResource;
 use App\Endpoint\Api\Http\Resources\Dealer\OrderSimpleResource;
 use App\Exceptions\BizException;
+use App\Exceptions\PayPasswordIncorrectException;
 use App\Helpers\Paginator as PaginatorHelper;
 use App\Models\DealerOrder;
 use App\Models\DealerProduct;
@@ -139,7 +140,19 @@ class OrderController extends Controller
         $input = $request->validate([
             'pay_image' => ['bail', 'string'],
             'pay_way' => ['bail', 'string'],
+            'pay_password' => ['bail', 'string'],
+        ], [], [
+            'pay_image' => '打款凭证',
+            'pay_way' => '支付方式',
+            'pay_password' => '支付密码',
         ]);
+        $payWay = $input['pay_way'] ?? 'offline';
+        if ($payWay == DealerOrder::PAY_WAY_WALLET) {
+            //验证支付密码
+            if (! $request->user()->wallet?->verifyPassword($input['pay_password'] ?? '')) {
+                throw new PayPasswordIncorrectException();
+            }
+        }
         try {
             DB::beginTransaction();
             $orderService->payOrder($order, $input['pay_way'] ?? 'offline', $input['pay_image'] ?? null);