diff --git a/gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/util/AuthUtil.java b/gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/util/AuthUtil.java
index 14c5531..29367a4 100644
--- a/gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/util/AuthUtil.java
+++ b/gym-manage-api/manage-sys/src/main/java/cn/novalon/gym/manage/sys/util/AuthUtil.java
@@ -29,4 +29,38 @@ public class AuthUtil {
 if (jwtTokenProvider.getUserIdFromToken(token) <= 0L) throw new IllegalArgumentException("ID无效");
 return jwtTokenProvider.getUserIdFromToken(token);
 }
-}
\ No newline at end of file
+
+ /**
+ * 获取当前 ADMIN 用户 ID,校验 userType 必须为 ADMIN
+ */
+ public Long getAdminUserIdOrThrow(ServerRequest request) {
+ String token = extractToken(request);
+ if (token == null) throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "缺少 Token");
+ if (!jwtTokenProvider.validateToken(token)) throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "Token 无效或已过期");
+ String userType = jwtTokenProvider.getUserTypeFromToken(token);
+ if (!"ADMIN".equals(userType)) {
+ log.warn("非管理员用户尝试访问管理端接口, userType={}", userType);
+ throw new ResponseStatusException(HttpStatus.FORBIDDEN, "无权访问管理端接口");
+ }
+ Long userId = jwtTokenProvider.getUserIdFromToken(token);
+ if (userId <= 0L) throw new IllegalArgumentException("ID无效");
+ return userId;
+ }
+
+ /**
+ * 获取当前 MEMBER 用户 ID,校验 userType 必须为 MEMBER
+ */
+ public Long getMemberUserIdOrThrow(ServerRequest request) {
+ String token = extractToken(request);
+ if (token == null) throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "缺少 Token");
+ if (!jwtTokenProvider.validateToken(token)) throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "Token 无效或已过期");
+ String userType = jwtTokenProvider.getUserTypeFromToken(token);
+ if (!"MEMBER".equals(userType)) {
+ log.warn("非会员用户尝试访问会员接口, userType={}", userType);
+ throw new ResponseStatusException(HttpStatus.FORBIDDEN, "无权访问会员接口");
+ }
+ Long userId = jwtTokenProvider.getUserIdFromToken(token);
+ if (userId <= 0L) throw new IllegalArgumentException("ID无效");
+ return userId;
+ }
+}
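Review bot: getAdminUserIdOrThrow and getMemberUserIdOrThrow repeat the same token extraction, validation and ID check line for line and differ only in the role literal and two messages, so a later fix to one authorization path can silently miss the other. A single private helper taking the required userType would keep them in step. The 403 `log.warn` records only `userType`, which leaves a denied attempt on an admin endpoint with no user ID to correlate on, so the helper below reads the ID before the role check and logs it. The final `userId <= 0L` guard throws `IllegalArgumentException` while every other failure here is a `ResponseStatusException`. Unless a global handler maps it (none is visible in this hunk), the client would probably get a 500 instead of a 401, and if `getUserIdFromToken` returns a boxed `Long`, a missing claim would fail with a NullPointerException on unboxing.

```java
private Long getUserIdForTypeOrThrow(ServerRequest request, String requiredType, String deniedMessage) {
    // … unchanged: extractToken, null check and validateToken check …
    Long userId = jwtTokenProvider.getUserIdFromToken(token);
    String userType = jwtTokenProvider.getUserTypeFromToken(token);
    if (!requiredType.equals(userType)) {
        log.warn("用户类型不符, 拒绝访问: required={}, userType={}, userId={}", requiredType, userType, userId);
        throw new ResponseStatusException(HttpStatus.FORBIDDEN, deniedMessage);
    }
    if (userId == null || userId <= 0L) throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "ID无效");
    return userId;
}

public Long getAdminUserIdOrThrow(ServerRequest request) {
    return getUserIdForTypeOrThrow(request, "ADMIN", "无权访问管理端接口");
}

public Long getMemberUserIdOrThrow(ServerRequest request) {
    return getUserIdForTypeOrThrow(request, "MEMBER", "无权访问会员接口");
}
```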