diff --git a/src/controllers/mail.controller.ts b/src/controllers/mail.controller.ts
index 3ceb655..8da34f4 100644
--- a/src/controllers/mail.controller.ts
+++ b/src/controllers/mail.controller.ts
@@ -9,6 +9,8 @@ import {
   DEFAULT_REGIST_SUBJECT,
   DEFAULT_RESET_HTML,
   DEFAULT_RESET_SUBJECT,
+  DEFAULT_VERIFY_MAIL_HTML,
+  DEFAULT_VERIFY_MAIL_SUBJECT,
   EmailSvr,
 } from 'service/email.svr'
 import { uuid } from 'utils/security.util'
@@ -127,8 +129,21 @@ class MailController extends BaseController {
       record = new CodeRecord({ email, type, code: DEFAULT_CODE })
       await record.save()
     }
-    let html = type === CodeType.REGIST ? DEFAULT_REGIST_HTML : DEFAULT_RESET_HTML
-    let subject = type === CodeType.REGIST ? DEFAULT_REGIST_SUBJECT : DEFAULT_RESET_SUBJECT
+    let html, subject
+    switch (type) {
+      case CodeType.REGIST:
+        html = DEFAULT_REGIST_HTML
+        subject = DEFAULT_REGIST_SUBJECT
+        break
+      case CodeType.RESET:
+        html = DEFAULT_RESET_HTML
+        subject = DEFAULT_RESET_SUBJECT
+        break
+      case CodeType.VERIFY:
+        html = DEFAULT_VERIFY_MAIL_HTML
+        subject = DEFAULT_VERIFY_MAIL_SUBJECT
+    }
+
     subject = record.code + ' ' + subject
     html = html.replace('{{ocde}}', record.code)
     html = html.replace('{{time}}', new Date().format('yyyy-MM-dd hh:mm:ss'))
@@ -144,7 +159,7 @@ class MailController extends BaseController {
       record.expiredAt = Date.now() + DEFAULT_EXPIRE_TIME
       await record.save()
     } catch (err) {
-      logger.info(`error send mail:: emial: ${email}, type: ${type}`)
+      logger.info(`error send mail:: email: ${email}, type: ${type}`)
       logger.error(err)
       record.status = CodeStatus.FAIL
       await record.save()
diff --git a/src/controllers/verify.controller.ts b/src/controllers/verify.controller.ts
index 182ebce..81d2d9a 100644
--- a/src/controllers/verify.controller.ts
+++ b/src/controllers/verify.controller.ts
@@ -2,6 +2,7 @@ import BaseController, { ROLE_ANON } from 'common/base.controller'
 import { ZError } from 'common/ZError'
 import { role, router } from 'decorators/router'
 import { Account } from 'modules/Account'
+import { CodeRecord, CodeStatus, CodeType } from 'modules/CodeRecord'
 import { DEFAULT_VERIFY_HTML, EmailSvr } from 'service/email.svr'
 
 const TOKEN_PREFIX = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.'
@@ -12,7 +13,7 @@ const TOKEN_PREFIX = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.'
  */
 class VerifyController extends BaseController {
   /**
-   * 发送验证email的邮件
+   * 发送验证email的邮件, 通过邮件中的链接激活
    */
   @router('post /email/verify')
   async sendVerifyEmail(req, res) {
@@ -36,6 +37,32 @@ class VerifyController extends BaseController {
     return result
   }
 
+  @router('post /email/verify_by_code')
+  async verifyEmailByCode(req, res) {
+    let user = req.user
+    let { email, code } = req.params
+    if (!email || !code) {
+      throw new ZError(10, 'params mismatch')
+    }
+    await user.save()
+    let record = await CodeRecord.findByEmail(email, CodeType.VERIFY)
+    if (!record) {
+      throw new ZError(12, 'code not exists')
+    }
+    if (record.status !== CodeStatus.PENDING) {
+      throw new ZError(13, 'code expired')
+    }
+    if (record.code !== code) {
+      throw new ZError(14, 'code error')
+    }
+    user.emailReal = email
+    user.emailVerified = true
+    await user.save()
+    record.status = CodeStatus.SUCCESS
+    await record.save()
+    return {}
+  }
+
   /**
    * 邮件认证的链接
    */
diff --git a/src/modules/Account.ts b/src/modules/Account.ts
index aa2bb6c..0027215 100644
--- a/src/modules/Account.ts
+++ b/src/modules/Account.ts
@@ -10,7 +10,8 @@ export enum PlatEnum {
   TIKTOK = 2,
   FACEBOOK = 3,
   TWITTER = 4,
-  EMAIL = 5,
+  TELEGRAM = 5,
+  EMAIL = 6,
 }
 
 /**
diff --git a/src/modules/CodeRecord.ts b/src/modules/CodeRecord.ts
index 3b1b6bc..737b34c 100644
--- a/src/modules/CodeRecord.ts
+++ b/src/modules/CodeRecord.ts
@@ -12,6 +12,7 @@ export const DEFAULT_EXPIRE_TIME = 5 * 60 * 1000
 export enum CodeType {
   REGIST = 1, // 注册
   RESET = 2, // 重置密码
+  VERIFY = 3, // 验证邮箱
 }
 
 export enum CodeStatus {
diff --git a/src/service/email.svr.ts b/src/service/email.svr.ts
index 9c18dfc..416a436 100644
--- a/src/service/email.svr.ts
+++ b/src/service/email.svr.ts
@@ -25,6 +25,14 @@ export const DEFAULT_RESET_HTML = `
 <p>This is your one time code that expires in 5 minutes.</p>
 <p>Use it to login CEBG. Never share this code with anyone.</p>
 `
+export const DEFAULT_VERIFY_MAIL_SUBJECT = 'CEBG verify email code'
+export const DEFAULT_VERIFY_MAIL_HTML = `
+<h1>Your CEBG verify email code is</h1>
+<h1>{{ocde}}</h1>
+<p>{{time}}</p>
+<p>This is your one time code that expires in 5 minutes.</p>
+<p>Use it to login CEBG. Never share this code with anyone.</p>
+`
 
 export interface IMailData {
   from?: string