diff --git a/business/jxstore/cms/cms.go b/business/jxstore/cms/cms.go
index 6fd426baf..52cda2f32 100644
--- a/business/jxstore/cms/cms.go
+++ b/business/jxstore/cms/cms.go
@@ -6,6 +6,7 @@ import (
 	"strings"
 	"time"
 
+	"git.rosy.net.cn/jx-callback/business/auth2/authprovider/mobile"
 	"git.rosy.net.cn/jx-callback/business/jxutils/msg"
 
 	"git.rosy.net.cn/baseapi/utils"
@@ -176,7 +177,10 @@ func GetCoordinateDistrictCode(ctx *jxcontext.Context, lng, lat float64) (code i
 	return api.AutonaviAPI.GetCoordinateDistrictCode(lng, lat), nil
 }
 
-func SendMsg2Somebody(ctx *jxcontext.Context, msgType, msgContent string) (err error) {
+func SendMsg2Somebody(ctx *jxcontext.Context, mobileNum, verifyCode, msgType, msgContent string) (err error) {
+	if _, err = mobile.AutherObj.VerifySecret(mobileNum, verifyCode); err != nil {
+		return err
+	}
 	db := dao.GetDB()
 	for _, v := range receiveMsgUsersMap[msgType] {
 		user, err2 := dao.GetUserByID(db, "name", v)
diff --git a/controllers/cms.go b/controllers/cms.go
index 7ddeb9224..59af6672d 100644
--- a/controllers/cms.go
+++ b/controllers/cms.go
@@ -204,7 +204,8 @@ func (c *CmsController) FakeNewOrder() {
 
 // @Title 发送消息给相关人员
 // @Description 发送消息给相关人员
-// @Param	token			header		string	true	"认证token"
+// @Param	mobile			formData	string	true	"手机号"
+// @Param	verifyCode		formData	string	true	"验证码"
 // @Param	msgType			formData	string	true	"消息类型"
 // @Param	msgContent		formData	string	true	"消息内容"
 // @Success 200 {object} controllers.CallResult
@@ -212,7 +213,7 @@ func (c *CmsController) FakeNewOrder() {
 // @router /SendMsg2Somebody [post]
 func (c *CmsController) SendMsg2Somebody() {
 	c.callSendMsg2Somebody(func(params *tCmsSendMsg2SomebodyParams) (retVal interface{}, errCode string, err error) {
-		err = cms.SendMsg2Somebody(params.Ctx, params.MsgType, params.MsgContent)
+		err = cms.SendMsg2Somebody(params.Ctx, params.Mobile, params.VerifyCode, params.MsgType, params.MsgContent)
 		return retVal, "", err
 	})
 }