feat(auth): 内部 JwtAuthenticationFilter 增加 userType 传递

- 从 Token 解析 userType 并存入 authentication.details
- 供下游 AuthUtil 获取 userType 进行权限校验

gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/security/JwtAuthenticationFilter.java

@@ -37,6 +37,7 @@ public class JwtAuthenticationFilter implements WebFilter {
             String username = jwtTokenProvider.getUsernameFromToken(token);
             jwtTokenProvider.getUserIdFromToken(token);
             List<String> roles = jwtTokenProvider.getRolesFromToken(token);
+            String userType = jwtTokenProvider.getUserTypeFromToken(token);
             
             List<SimpleGrantedAuthority> authorities = roles.stream()
                     .map(role -> new SimpleGrantedAuthority("ROLE_" + role))
@@ -53,6 +54,9 @@ public class JwtAuthenticationFilter implements WebFilter {
                     authorities
                 );
             
+            // 将 userType 存入 authentication details，供后续 AuthUtil 使用
+            authentication.setDetails(userType);
+            
             return chain.filter(exchange)
                 .contextWrite(ReactiveSecurityContextHolder.withAuthentication(authentication));
         }