diff --git a/src/main/java/com/aida/gateway/filter/LogoutBlacklistWebFilter.java b/src/main/java/com/aida/gateway/filter/LogoutBlacklistWebFilter.java
index a1a7f05..e2519bb 100644
--- a/src/main/java/com/aida/gateway/filter/LogoutBlacklistWebFilter.java
+++ b/src/main/java/com/aida/gateway/filter/LogoutBlacklistWebFilter.java
@@ -41,8 +41,11 @@ public class LogoutBlacklistWebFilter implements WebFilter {
             return chain.filter(exchange);
         }
 
-        // 从请求头读取 X-User-Id（内部调用，不需要鉴权）
+        // 优先从请求头读取 X-User-Id，其次从 query param 读取 userId（兼容不同客户端调用方式）
         String userId = exchange.getRequest().getHeaders().getFirst(AuthConstants.USER_ID_HEADER);
+        if (userId == null || userId.isBlank()) {
+            userId = exchange.getRequest().getQueryParams().getFirst("userId");
+        }
         if (userId == null || userId.isBlank()) {
             return writeResponse(exchange, HttpStatus.BAD_REQUEST, "{\"code\":400,\"message\":\"userId required\"}");
         }
@@ -50,12 +53,13 @@ public class LogoutBlacklistWebFilter implements WebFilter {
         String blacklistKey = AuthConstants.BLACKLIST_PREFIX + userId;
 
         // 黑名单 TTL 设为 7 天（与 JWT 有效期保持一致）
+        String finalUserId = userId;
         return redisTemplate.opsForValue()
                 .set(blacklistKey, "1")
                 .then(redisTemplate.expire(blacklistKey, Duration.ofDays(7)))
                 .then(writeResponse(exchange, HttpStatus.OK, "{\"code\":200,\"message\":\"ok\"}"))
                 .onErrorResume(e -> {
-                    log.error("Failed to add token to blacklist, userId={}", userId, e);
+                    log.error("Failed to add token to blacklist, userId={}", finalUserId, e);
                     return writeResponse(exchange, HttpStatus.INTERNAL_SERVER_ERROR,
                             "{\"code\":500,\"message\":\"internal error\"}");
                 });