diff --git a/app/controller/api/store/merchant/Merchant.php b/app/controller/api/store/merchant/Merchant.php
index 2798efd2..ebf147ea 100644
--- a/app/controller/api/store/merchant/Merchant.php
+++ b/app/controller/api/store/merchant/Merchant.php
@@ -144,13 +144,6 @@ class Merchant extends BaseController
 
     public function apply($merId)
     {
-//        $withdrawal_pwd = $this->request->param('withdrawal_pwd');
-//        if(empty($withdrawal_pwd)) return \app('json')->fail('请输入提现密码');
-//        //找到商户的密码
-//        $userInfo = \app\common\model\system\merchant\Merchant::getDB()->with('user')->where('mer_id',$merId)->find()->toArray();
-//        if (!password_verify($pwd = (string)$withdrawal_pwd, $userInfo['user']['withdrawal_pwd']))
-//            return app('json')->fail('提现密码错误');
-
             $merchant = app()->make(MerchantRepository::class)->search(['mer_id' => $merId])->field('uid,mer_id,mer_name,mer_money,financial_bank,financial_wechat,financial_alipay,financial_type,ot_margin')->find();
         if (($msg = $this->checkAuth($merchant)) !== true) {
             return app('json')->fail($msg);
@@ -182,7 +175,13 @@ class Merchant extends BaseController
 
     public function createApply($merId)
     {
-        $data = $this->request->param(['extract_money', 'financial_type', 'financial_bank_name', 'financial_bank_bank', 'financial_bank_code', 'financial_bank_branch']);
+        $data = $this->request->param(['extract_money', 'financial_type', 'financial_bank_name', 'financial_bank_bank', 'financial_bank_code', 'financial_bank_branch,withdrawal_pwd']);
+        $withdrawal_pwd = $data['withdrawal_pwd'];
+        if(empty($withdrawal_pwd)) return \app('json')->fail('请输入提现密码');
+        //找到商户的密码
+        $userInfo = \app\common\model\system\merchant\Merchant::getDB()->with('user')->where('mer_id',$merId)->find()->toArray();
+        if (!password_verify($pwd = (string)$withdrawal_pwd, $userInfo['user']['withdrawal_pwd']))
+            return app('json')->fail('提现密码错误');
         $merchant = app()->make(MerchantRepository::class)->search(['mer_id' => $merId])->field('reg_admin_id,uid,mer_id,mer_name,mer_money,financial_bank,financial_wechat,financial_alipay,financial_type')->find();
         if (($msg = $this->checkAuth($merchant)) !== true) {
             return app('json')->fail($msg);
diff --git a/route/api.php b/route/api.php
index 0091883e..0899daad 100644
--- a/route/api.php
+++ b/route/api.php
@@ -29,6 +29,9 @@ Route::group('api/', function () {
     Route::get('category/list_level', 'api.server.StoreCategory/list_level');
     //强制登录
     Route::group(function () {
+
+        Route::get('scanPay/qrcode', 'api.store.order.ScanPay/qrcode');//商家二维码
+
         Route::group('v2', function () {
             //新的下单接口,支持分账
             Route::group('order', function () {