django-clerk-users 0.0.2__py3-none-any.whl → 0.1.1__py3-none-any.whl

django_clerk_users/authentication/backends.py

@@ -8,7 +8,7 @@ import logging
 from typing import TYPE_CHECKING, Any
 
 from django.contrib.auth import get_user_model
-from django.contrib.auth.backends import BaseBackend
+from django.contrib.auth.backends import ModelBackend
 
 if TYPE_CHECKING:
     from django.http import HttpRequest
@@ -18,72 +18,66 @@ if TYPE_CHECKING:
 logger = logging.getLogger(__name__)
 
 
-class ClerkBackend(BaseBackend):
+class ClerkBackend(ModelBackend):
     """
     Django authentication backend for Clerk.
 
-    This backend authenticates users by their Clerk ID rather than
-    username/password. It's designed to work with Clerk's JWT-based
-    authentication.
+    This backend extends Django's ModelBackend to add Clerk ID authentication
+    while preserving standard username/password authentication. This allows:
+
+    - Superusers to log into Django admin with email/password
+    - Clerk users to authenticate via JWT tokens (clerk_id)
+    - All standard Django permission checks to work as expected
 
     To use this backend, add it to AUTHENTICATION_BACKENDS in settings:
 
         AUTHENTICATION_BACKENDS = [
             'django_clerk_users.authentication.ClerkBackend',
         ]
+
+    This is the only backend you need - it handles both Clerk authentication
+    and standard Django authentication (for admin access, etc.).
     """
 
     def authenticate(
         self,
         request: "HttpRequest | None" = None,
-        clerk_id: str | None = None,
+        username: str | None = None,
+        password: str | None = None,
         **kwargs: Any,
     ) -> "AbstractClerkUser | None":
         """
-        Authenticate a user by their Clerk ID.
+        Authenticate a user by Clerk ID or username/password.
+
+        If a clerk_id is provided in kwargs, authenticates via Clerk ID lookup.
+        Otherwise, falls back to Django's standard username/password
+        authentication (inherited from ModelBackend).
 
         Args:
             request: The current HTTP request (optional).
-            clerk_id: The Clerk user ID to authenticate.
-            **kwargs: Additional keyword arguments (ignored).
+            username: The username (email) for standard auth (optional).
+            password: The password for standard auth (optional).
+            **kwargs: Additional keyword arguments. If 'clerk_id' is present,
+                      Clerk authentication is used instead of password auth.
 
         Returns:
             The authenticated user or None if authentication fails.
         """
-        if not clerk_id:
-            return None
-
-        User = get_user_model()
-
-        try:
-            user = User.objects.get(clerk_id=clerk_id)
-            if user.is_active:
-                return user
-            logger.debug(f"User {clerk_id} is inactive")
-            return None
-        except User.DoesNotExist:
-            logger.debug(f"No user found with clerk_id: {clerk_id}")
-            return None
-
-    def get_user(self, user_id: int) -> "AbstractClerkUser | None":
-        """
-        Get a user by their Django primary key.
-
-        This method is called by Django's authentication middleware
-        to restore the user from the session.
-
-        Args:
-            user_id: The user's primary key.
-
-        Returns:
-            The user instance or None if not found.
-        """
-        User = get_user_model()
-
-        try:
-            user = User.objects.get(pk=user_id)
-            if user.is_active:
-                return user
-            return None
-        except User.DoesNotExist:
-            return None
+        # If clerk_id is provided, authenticate via Clerk
+        clerk_id = kwargs.pop("clerk_id", None)
+        if clerk_id:
+            User = get_user_model()
+
+            try:
+                user = User.objects.get(clerk_id=clerk_id)
+                if user.is_active:
+                    return user
+                logger.debug(f"User {clerk_id} is inactive")
+                return None
+            except User.DoesNotExist:
+                logger.debug(f"No user found with clerk_id: {clerk_id}")
+                return None
+
+        # Otherwise, fall back to standard Django authentication
+        # This enables superuser login via Django admin
+        return super().authenticate(request, username, password, **kwargs)

django_clerk_users/managers.py

@@ -21,29 +21,26 @@ class ClerkUserManager(BaseUserManager["AbstractClerkUser"]):
 
     def create_user(
         self,
-        clerk_id: str,
         email: str,
+        clerk_id: str | None = None,
         password: str | None = None,
         **extra_fields: Any,
     ) -> "AbstractClerkUser":
         """
-        Create and save a user with the given clerk_id and email.
+        Create and save a user with the given email and optional clerk_id.
 
         Args:
-            clerk_id: The Clerk user ID.
-            email: The user's email address.
-            password: Optional password (not used for Clerk auth, but required
-                     for Django admin compatibility).
+            email: The user's email address (required).
+            clerk_id: The Clerk user ID (optional for Django admin users).
+            password: Optional password (required for Django admin users).
             **extra_fields: Additional fields for the user model.
 
         Returns:
             The created user instance.
 
         Raises:
-            ValueError: If clerk_id or email is not provided.
+            ValueError: If email is not provided.
         """
-        if not clerk_id:
-            raise ValueError("The clerk_id must be set")
         if not email:
             raise ValueError("The email must be set")
 
@@ -62,18 +59,18 @@ class ClerkUserManager(BaseUserManager["AbstractClerkUser"]):
 
     def create_superuser(
         self,
-        clerk_id: str,
         email: str,
         password: str | None = None,
+        clerk_id: str | None = None,
         **extra_fields: Any,
     ) -> "AbstractClerkUser":
         """
-        Create and save a superuser with the given clerk_id and email.
+        Create and save a superuser with the given email.
 
         Args:
-            clerk_id: The Clerk user ID.
-            email: The user's email address.
-            password: Optional password.
+            email: The user's email address (required).
+            password: Password for the superuser (required for Django admin access).
+            clerk_id: The Clerk user ID (optional).
             **extra_fields: Additional fields for the user model.
 
         Returns:
@@ -88,7 +85,9 @@ class ClerkUserManager(BaseUserManager["AbstractClerkUser"]):
         if extra_fields.get("is_superuser") is not True:
             raise ValueError("Superuser must have is_superuser=True.")
 
-        return self.create_user(clerk_id, email, password, **extra_fields)
+        return self.create_user(
+            email=email, clerk_id=clerk_id, password=password, **extra_fields
+        )
 
     def get_by_clerk_id(self, clerk_id: str) -> "AbstractClerkUser | None":
         """

django_clerk_users/middleware/auth.py

@@ -70,18 +70,35 @@ class ClerkAuthMiddleware:
 
         Sets request.user, request.clerk_user, request.clerk_payload,
         and request.org based on the authentication result.
+
+        Supports hybrid authentication:
+        - If user is authenticated via Django session (e.g., admin login),
+          respects that authentication and skips Clerk JWT validation
+        - Otherwise, attempts Clerk JWT authentication
         """
         # Initialize attributes
         request.clerk_user = None  # type: ignore
         request.clerk_payload = None  # type: ignore
         request.org = None  # type: ignore
 
-        # Check if user is already authenticated via session
-        if self._is_session_valid(request):
-            # User is already authenticated, just set clerk attributes
-            request.clerk_user = request.user  # type: ignore
-            request.org = request.session.get("clerk_org_id")  # type: ignore
-            return
+        # Check if user is already authenticated via Django's standard auth
+        # (e.g., admin login with username/password)
+        if hasattr(request, "user") and request.user.is_authenticated:
+            # Check if this is a Clerk session or a traditional Django session
+            if self._is_clerk_session(request):
+                # This is a Clerk session, validate it
+                if self._is_session_valid(request):
+                    # Clerk session is still valid
+                    request.clerk_user = request.user  # type: ignore
+                    request.org = request.session.get("clerk_org_id")  # type: ignore
+                    return
+                # Clerk session expired, clear it and try JWT auth below
+                self._clear_session(request)
+            else:
+                # This is a traditional Django session (e.g., admin login)
+                # Don't interfere with it - just skip Clerk authentication
+                logger.debug("Using existing Django session (non-Clerk)")
+                return
 
         # Try to authenticate via JWT token
         try:
@@ -128,14 +145,26 @@ class ClerkAuthMiddleware:
         if created:
             logger.info(f"Created new user: {user.email} ({user.clerk_id})")
 
+    def _is_clerk_session(self, request: "HttpRequest") -> bool:
+        """
+        Check if the current session is a Clerk-authenticated session.
+
+        Returns True if this session was created by Clerk authentication,
+        False if it's a traditional Django session (e.g., admin login).
+        """
+        # Clerk sessions have the last_clerk_check timestamp
+        return "last_clerk_check" in request.session
+
     def _is_session_valid(self, request: "HttpRequest") -> bool:
         """
-        Check if the current session is valid and doesn't need revalidation.
+        Check if the current Clerk session is valid and doesn't need revalidation.
 
         Returns True if:
         1. User is authenticated in session
         2. The session hasn't expired
         3. The re-validation interval hasn't passed
+
+        Note: This method should only be called for Clerk sessions.
         """
         if not hasattr(request, "user") or not request.user.is_authenticated:
             return False

django_clerk_users/migrations/0002_make_clerk_id_nullable.py

@@ -0,0 +1,24 @@
+# Generated migration for hybrid authentication support
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ("django_clerk_users", "0001_initial"),
+    ]
+
+    operations = [
+        migrations.AlterField(
+            model_name="clerkuser",
+            name="clerk_id",
+            field=models.CharField(
+                blank=True,
+                db_index=True,
+                help_text="Unique identifier from Clerk. Can be null for Django admin users.",
+                max_length=255,
+                null=True,
+                unique=True,
+            ),
+        ),
+    ]

django_clerk_users/models.py

@@ -43,9 +43,15 @@ class AbstractClerkUser(AbstractBaseUser, PermissionsMixin):
         max_length=255,
         unique=True,
         db_index=True,
-        help_text="Unique identifier from Clerk.",
+        null=True,
+        blank=True,
+        help_text="Unique identifier from Clerk. Can be null for Django admin users.",
     )
 
+    # Password field for Django admin compatibility
+    # Inherited from AbstractBaseUser, but we make it explicit that it's optional
+    # for Clerk users (who authenticate via JWT) but required for admin users
+
     # Standard user fields
     email = models.EmailField(
         unique=True,
@@ -104,7 +110,7 @@ class AbstractClerkUser(AbstractBaseUser, PermissionsMixin):
     objects = ClerkUserManager()
 
     USERNAME_FIELD = "email"
-    REQUIRED_FIELDS = ["clerk_id"]
+    REQUIRED_FIELDS = []  # Changed to empty - clerk_id is optional for admin users
 
     class Meta:
         abstract = True

django_clerk_users/organizations/migrations/0001_initial.py

@@ -0,0 +1,349 @@
+# Generated by Django 5.2.8 on 2026-01-13 18:24
+
+import django.db.models.deletion
+import django.utils.timezone
+import uuid
+from django.conf import settings
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+    initial = True
+
+    dependencies = [
+        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
+    ]
+
+    operations = [
+        migrations.CreateModel(
+            name="Organization",
+            fields=[
+                (
+                    "id",
+                    models.BigAutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                (
+                    "uid",
+                    models.UUIDField(
+                        db_index=True,
+                        default=uuid.uuid4,
+                        editable=False,
+                        help_text="Public unique identifier for the organization.",
+                    ),
+                ),
+                (
+                    "clerk_id",
+                    models.CharField(
+                        db_index=True,
+                        help_text="Unique identifier from Clerk.",
+                        max_length=255,
+                        unique=True,
+                    ),
+                ),
+                (
+                    "name",
+                    models.CharField(help_text="Organization name.", max_length=255),
+                ),
+                (
+                    "slug",
+                    models.SlugField(
+                        help_text="URL-friendly organization identifier.",
+                        max_length=255,
+                    ),
+                ),
+                (
+                    "image_url",
+                    models.URLField(
+                        blank=True,
+                        default="",
+                        help_text="URL to organization logo from Clerk.",
+                        max_length=500,
+                    ),
+                ),
+                (
+                    "public_metadata",
+                    models.JSONField(
+                        blank=True,
+                        default=dict,
+                        help_text="Public metadata from Clerk.",
+                    ),
+                ),
+                (
+                    "private_metadata",
+                    models.JSONField(
+                        blank=True,
+                        default=dict,
+                        help_text="Private metadata from Clerk.",
+                    ),
+                ),
+                (
+                    "is_active",
+                    models.BooleanField(
+                        db_index=True,
+                        default=True,
+                        help_text="Whether the organization is active.",
+                    ),
+                ),
+                (
+                    "members_count",
+                    models.PositiveIntegerField(
+                        default=0, help_text="Number of members in the organization."
+                    ),
+                ),
+                (
+                    "pending_invitations_count",
+                    models.PositiveIntegerField(
+                        default=0, help_text="Number of pending invitations."
+                    ),
+                ),
+                (
+                    "max_allowed_memberships",
+                    models.PositiveIntegerField(
+                        default=0,
+                        help_text="Maximum allowed memberships (0 = unlimited).",
+                    ),
+                ),
+                (
+                    "created_at",
+                    models.DateTimeField(
+                        default=django.utils.timezone.now,
+                        help_text="When the organization was created in Clerk.",
+                    ),
+                ),
+                (
+                    "updated_at",
+                    models.DateTimeField(
+                        auto_now=True,
+                        help_text="When the organization was last updated.",
+                    ),
+                ),
+            ],
+            options={
+                "verbose_name": "Organization",
+                "verbose_name_plural": "Organizations",
+                "ordering": ["-created_at"],
+                "indexes": [
+                    models.Index(
+                        fields=["clerk_id"], name="clerk_organ_clerk_i_b2b811_idx"
+                    ),
+                    models.Index(fields=["slug"], name="clerk_organ_slug_6c2124_idx"),
+                    models.Index(
+                        fields=["is_active"], name="clerk_organ_is_acti_67b48f_idx"
+                    ),
+                ],
+            },
+        ),
+        migrations.CreateModel(
+            name="OrganizationInvitation",
+            fields=[
+                (
+                    "id",
+                    models.BigAutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                (
+                    "clerk_invitation_id",
+                    models.CharField(
+                        db_index=True,
+                        help_text="Unique invitation identifier from Clerk.",
+                        max_length=255,
+                        unique=True,
+                    ),
+                ),
+                (
+                    "email_address",
+                    models.EmailField(
+                        help_text="Email address of the invitee.", max_length=254
+                    ),
+                ),
+                (
+                    "role",
+                    models.CharField(
+                        default="member",
+                        help_text="Role the user will have upon accepting.",
+                        max_length=100,
+                    ),
+                ),
+                (
+                    "status",
+                    models.CharField(
+                        choices=[
+                            ("pending", "Pending"),
+                            ("accepted", "Accepted"),
+                            ("revoked", "Revoked"),
+                        ],
+                        db_index=True,
+                        default="pending",
+                        help_text="Invitation status.",
+                        max_length=20,
+                    ),
+                ),
+                (
+                    "public_metadata",
+                    models.JSONField(
+                        blank=True,
+                        default=dict,
+                        help_text="Public metadata from Clerk.",
+                    ),
+                ),
+                (
+                    "private_metadata",
+                    models.JSONField(
+                        blank=True,
+                        default=dict,
+                        help_text="Private metadata from Clerk.",
+                    ),
+                ),
+                (
+                    "created_at",
+                    models.DateTimeField(
+                        default=django.utils.timezone.now,
+                        help_text="When the invitation was created.",
+                    ),
+                ),
+                (
+                    "updated_at",
+                    models.DateTimeField(
+                        auto_now=True, help_text="When the invitation was last updated."
+                    ),
+                ),
+                (
+                    "inviter",
+                    models.ForeignKey(
+                        blank=True,
+                        help_text="The user who sent the invitation.",
+                        null=True,
+                        on_delete=django.db.models.deletion.SET_NULL,
+                        related_name="sent_invitations",
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
+                (
+                    "organization",
+                    models.ForeignKey(
+                        help_text="The organization.",
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="invitations",
+                        to="clerk_organizations.organization",
+                    ),
+                ),
+            ],
+            options={
+                "verbose_name": "Organization Invitation",
+                "verbose_name_plural": "Organization Invitations",
+                "ordering": ["-created_at"],
+                "indexes": [
+                    models.Index(
+                        fields=["clerk_invitation_id"],
+                        name="clerk_organ_clerk_i_53d078_idx",
+                    ),
+                    models.Index(
+                        fields=["status"], name="clerk_organ_status_bef241_idx"
+                    ),
+                    models.Index(
+                        fields=["email_address"], name="clerk_organ_email_a_b3359c_idx"
+                    ),
+                ],
+            },
+        ),
+        migrations.CreateModel(
+            name="OrganizationMember",
+            fields=[
+                (
+                    "id",
+                    models.BigAutoField(
+                        auto_created=True,
+                        primary_key=True,
+                        serialize=False,
+                        verbose_name="ID",
+                    ),
+                ),
+                (
+                    "clerk_membership_id",
+                    models.CharField(
+                        db_index=True,
+                        help_text="Unique membership identifier from Clerk.",
+                        max_length=255,
+                        unique=True,
+                    ),
+                ),
+                (
+                    "role",
+                    models.CharField(
+                        default="member",
+                        help_text="User's role in the organization (e.g., 'admin', 'member').",
+                        max_length=100,
+                    ),
+                ),
+                (
+                    "public_metadata",
+                    models.JSONField(
+                        blank=True,
+                        default=dict,
+                        help_text="Public metadata from Clerk.",
+                    ),
+                ),
+                (
+                    "private_metadata",
+                    models.JSONField(
+                        blank=True,
+                        default=dict,
+                        help_text="Private metadata from Clerk.",
+                    ),
+                ),
+                (
+                    "joined_at",
+                    models.DateTimeField(
+                        default=django.utils.timezone.now,
+                        help_text="When the user joined the organization.",
+                    ),
+                ),
+                (
+                    "updated_at",
+                    models.DateTimeField(
+                        auto_now=True, help_text="When the membership was last updated."
+                    ),
+                ),
+                (
+                    "organization",
+                    models.ForeignKey(
+                        help_text="The organization.",
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="cached_members",
+                        to="clerk_organizations.organization",
+                    ),
+                ),
+                (
+                    "user",
+                    models.ForeignKey(
+                        help_text="The user.",
+                        on_delete=django.db.models.deletion.CASCADE,
+                        related_name="organization_memberships",
+                        to=settings.AUTH_USER_MODEL,
+                    ),
+                ),
+            ],
+            options={
+                "verbose_name": "Organization Member",
+                "verbose_name_plural": "Organization Members",
+                "ordering": ["-joined_at"],
+                "indexes": [
+                    models.Index(
+                        fields=["clerk_membership_id"],
+                        name="clerk_organ_clerk_m_10f2c5_idx",
+                    ),
+                    models.Index(fields=["role"], name="clerk_organ_role_645ce1_idx"),
+                ],
+                "unique_together": {("organization", "user")},
+            },
+        ),
+    ]

django_clerk_users/organizations/models.py

@@ -133,10 +133,8 @@ class Organization(models.Model):
         Returns:
             Tuple of (success, message)
         """
-        from django_clerk_users.utils import update_or_create_clerk_user
-
         try:
-            from django_clerk_users.organizations.utils import (
+            from django_clerk_users.organizations.webhooks import (
                 update_or_create_organization,
             )
 

{django_clerk_users-0.0.2.dist-info → django_clerk_users-0.1.1.dist-info}/METADATA

@@ -1,11 +1,12 @@
 Metadata-Version: 2.4
 Name: django-clerk-users
-Version: 0.0.2
+Version: 0.1.1
 Summary: Integrate Clerk with Django
 Project-URL: Changelog, https://github.com/jmitchel3/django-clerk-users
 Project-URL: Documentation, https://github.com/jmitchel3/django-clerk-users
 Project-URL: Funding, https://github.com/jmitchel3/django-clerk-users
 Project-URL: Repository, https://github.com/jmitchel3/django-clerk-users
+License-File: LICENSE
 Classifier: Development Status :: 4 - Beta
 Classifier: Framework :: Django
 Classifier: Framework :: Django :: 4.2
@@ -14,14 +15,12 @@ Classifier: Programming Language :: Python :: 3.12
 Classifier: Programming Language :: Python :: 3.13
 Classifier: Programming Language :: Python :: 3.14
 Requires-Python: >=3.12
-Description-Content-Type: text/markdown
-License-File: LICENSE
-Requires-Dist: django>=4.2
 Requires-Dist: clerk-backend-api>=1.0.0
+Requires-Dist: django>=4.2
 Requires-Dist: svix>=1.0.0
 Provides-Extra: drf
-Requires-Dist: djangorestframework>=3.14; extra == "drf"
-Dynamic: license-file
+Requires-Dist: djangorestframework>=3.14; extra == 'drf'
+Description-Content-Type: text/markdown
 
 # Django Clerk Users
 
@@ -114,12 +113,30 @@ MIDDLEWARE = [
 
 ### 5. Add authentication backend
 
+**For Clerk-only authentication:**
+
 ```python
 AUTHENTICATION_BACKENDS = [
     "django_clerk_users.authentication.ClerkBackend",
 ]
 ```
 
+**For hybrid authentication (Clerk + Django admin):**
+
+If you want to support both Clerk authentication (JWT) and traditional Django admin login (username/password), use both backends:
+
+```python
+AUTHENTICATION_BACKENDS = [
+    "django.contrib.auth.backends.ModelBackend",  # For Django admin
+    "django_clerk_users.authentication.ClerkBackend",  # For Clerk JWT
+]
+```
+
+This allows:
+- Admin users to log in via Django admin with username/password
+- Frontend users to authenticate via Clerk JWT tokens
+- The middleware automatically detects which authentication method was used
+
 ### 6. Run migrations
 
 ```bash
@@ -141,6 +158,21 @@ urlpatterns = [
 
 Then configure your Clerk Dashboard to send webhooks to `https://your-app.com/webhooks/clerk/`.
 
+### 8. Create admin users (for hybrid authentication)
+
+If you're using hybrid authentication, create an admin user for Django admin access:
+
+```bash
+python manage.py createsuperuser
+```
+
+This creates a user with:
+- Username/password authentication (for Django admin)
+- No `clerk_id` (since they're not Clerk users)
+- Access to Django admin panel
+
+Note: Regular Clerk users are created automatically via webhooks when they sign up through your frontend.
+
 ## Usage
 
 ### Accessing the user in views
@@ -179,6 +211,55 @@ REST_FRAMEWORK = {
 }
 ```
 
+## Hybrid Authentication (Clerk + Django Admin)
+
+The package supports hybrid authentication, allowing you to use both Clerk (JWT-based) authentication for your frontend users and traditional Django admin authentication for internal staff.
+
+### How it works
+
+1. **Frontend users**: Authenticate via Clerk JWT tokens (handled by `ClerkAuthMiddleware`)
+2. **Admin users**: Authenticate via username/password (handled by Django's `ModelBackend`)
+3. The middleware automatically detects which authentication method was used and respects existing sessions
+
+### Configuration
+
+```python
+# settings.py
+AUTHENTICATION_BACKENDS = [
+    "django.contrib.auth.backends.ModelBackend",  # For Django admin
+    "django_clerk_users.authentication.ClerkBackend",  # For Clerk JWT
+]
+```
+
+### Creating admin users
+
+Admin users don't need a `clerk_id` (it's optional in hybrid mode):
+
+```bash
+python manage.py createsuperuser
+# Email: admin@example.com
+# Password: ********
+```
+
+This creates a user with:
+- Username/password authentication (no Clerk integration)
+- Access to Django admin panel at `/admin/`
+- Standard Django permissions (is_staff, is_superuser)
+
+### Session handling
+
+- **Django admin sessions**: Traditional session cookies (set by Django's auth system)
+- **Clerk sessions**: JWT validated once, then cached in session with `last_clerk_check` marker
+- The middleware checks for `last_clerk_check` to distinguish between the two types
+
+### Use cases
+
+This is particularly useful when:
+- Your admin panel is on a different domain than your frontend
+- You want internal staff to access Django admin without Clerk accounts
+- You need traditional Django auth features (permissions, groups, etc.)
+- You're migrating from Django auth to Clerk gradually
+
 ## Organizations (Optional)
 
 For Clerk organization support:
@@ -215,9 +296,11 @@ python manage.py sync_clerk_organizations
 | `CLERK_SECRET_KEY` | Yes | - | Your Clerk secret key |
 | `CLERK_WEBHOOK_SIGNING_KEY` | Yes* | - | Webhook signing secret (*required for webhooks) |
 | `CLERK_FRONTEND_HOSTS` | Yes | `[]` | Authorized frontend URLs |
-| `CLERK_SESSION_REVALIDATION_SECONDS` | No | `300` | JWT revalidation interval |
-| `CLERK_CACHE_TIMEOUT` | No | `300` | User cache timeout |
-| `CLERK_ORG_CACHE_TIMEOUT` | No | `900` | Organization cache timeout |
+| `CLERK_AUTH_PARTIES` | No | `[]` | Alias for `CLERK_FRONTEND_HOSTS` |
+| `CLERK_SESSION_REVALIDATION_SECONDS` | No | `300` | JWT revalidation interval (seconds) |
+| `CLERK_CACHE_TIMEOUT` | No | `300` | User cache timeout (seconds) |
+| `CLERK_ORG_CACHE_TIMEOUT` | No | `900` | Organization cache timeout (seconds) |
+| `CLERK_WEBHOOK_DEDUP_TIMEOUT` | No | `45` | Webhook deduplication cache timeout (seconds) |
 
 ## License
 

{django_clerk_users-0.0.2.dist-info → django_clerk_users-0.1.1.dist-info}/RECORD

@@ -5,13 +5,13 @@ django_clerk_users/checks.py,sha256=gnHccAyXixtGToGhgWl4gfCY-qPB5ckimpDVadOP3E4,
 django_clerk_users/client.py,sha256=-nBXsPOibVwD7zXQ-Z-qTBb7NyPuUZpvlDcAlDVFUBA,815
 django_clerk_users/decorators.py,sha256=Hm86XIxNdSiuDmqT8tFRrz6sQR9IOxB7zfxfO8MeJLg,5011
 django_clerk_users/exceptions.py,sha256=nVTJR1d5PxuMqC8js1Sj-MRHJHkI4KUwphjuCEN4fiM,890
-django_clerk_users/managers.py,sha256=PH1sk0LB9Fj8qrYG5jzpBKqWUbmaSZ3zaXEbx4eNjdY,3581
-django_clerk_users/models.py,sha256=cCSgKoBivdijfLeiOoxwpber2tqNSCua5pBcQ7BbXQQ,4873
+django_clerk_users/managers.py,sha256=HvSkGeiQhjA6EFXrW4GTlxXtlRDtlT54BbwbvnNuOWg,3610
+django_clerk_users/models.py,sha256=DMcEnGNioGX5xsP4U47ich1L_UoZNAFEDb-vZVVV8Tk,5210
 django_clerk_users/settings.py,sha256=pRyt_kSPWOT8CkTvyce3sf0RxfIoG5DEwnGUT8bIDi8,1305
 django_clerk_users/testing.py,sha256=ZoYi7dG_HjSp19_c1AvILOoCfHlofs7LN-5ALS_UhDw,12160
 django_clerk_users/utils.py,sha256=bQWfPUKfVvXi69Ctny1T1Kxzk-qMDpXQBRVa6URH53I,5886
 django_clerk_users/authentication/__init__.py,sha256=PStQVzC-CA2Guyo4ksrxP58o93mfygW4qcJXWEjs6ak,614
-django_clerk_users/authentication/backends.py,sha256=We0P2AhMv_DB_ZwtFGmmjWKvT5Cewy441Iua2lAZZCg,2400
+django_clerk_users/authentication/backends.py,sha256=bDJ2mEO66xhcJPc6f-jYa3F9x-PJ4RJrm9GD-pCTo6Y,2855
 django_clerk_users/authentication/drf.py,sha256=AqHvZTe9RnxN7FVzlSUXR72QBj2imGglkx9rpOrRDIk,3215
 django_clerk_users/authentication/utils.py,sha256=tpnRXQLbQPkosKV8OhxtXpapuema4c08g58YYmMl3js,5326
 django_clerk_users/management/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -20,22 +20,24 @@ django_clerk_users/management/commands/migrate_users_to_clerk.py,sha256=qjw4Q6pU
 django_clerk_users/management/commands/sync_clerk_organizations.py,sha256=G1kasAPvvwM-PPb5xXxKNlex_-gWyKDP2HLS5g8hVkk,6656
 django_clerk_users/management/commands/sync_clerk_users.py,sha256=hvWrvcqAkZHvjqQAOj3-e6pKx5TKtArmlsHDUottRMM,3755
 django_clerk_users/middleware/__init__.py,sha256=tnr4eBer0KGVBAZBgBQZVpcL7jf8t2_CBLsMnau5JW4,153
-django_clerk_users/middleware/auth.py,sha256=LTUE_gFXlBRNg9kk2mHmHNKz3gpWKgCs66xyKE1_k1c,7435
+django_clerk_users/middleware/auth.py,sha256=FLo4DHkiL3QnEPZsvJDGFIahfH1HUcqkBEzYXEx0fN0,8889
 django_clerk_users/migrations/0001_initial.py,sha256=tnPvGlLnWrItuhYS0s5mr3TJ8__2e_yNKJS4nsFuWhk,6246
+django_clerk_users/migrations/0002_make_clerk_id_nullable.py,sha256=OXad63KPFTMLn2lkwkuNkr8ZbM6BiNlsw6z72fhY-eU,640
 django_clerk_users/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 django_clerk_users/organizations/__init__.py,sha256=NZU2C8F4Trm63_qaUf78jROKz6XFnu36uREkw7g_yho,270
 django_clerk_users/organizations/admin.py,sha256=u7qHMgb11akHiJ2FCzqbSLQ3_TsTiejf0wH10f5_PPQ,1838
 django_clerk_users/organizations/apps.py,sha256=IgKNl5REkAgLDHC06GFI-a3x3Mi2HWN4L-El0Ef6CE8,252
 django_clerk_users/organizations/middleware.py,sha256=5Gvu28SCEqpuIjr2Fah5O85m0wnjMiDp4vxdvVzJh68,4129
-django_clerk_users/organizations/models.py,sha256=2YWLHuWCo2Q3pEq_Gx5SadUGqSmi8MZhEDdfeVn1URo,8673
+django_clerk_users/organizations/models.py,sha256=rGy3udfo2xO6XBMPHS7eTTk9meyxx_3GI9zL9lH-ScY,8602
 django_clerk_users/organizations/webhooks.py,sha256=zp16_vL5j7DEaVC5ZxgYwrE8zPpUsRIq8TGBd8SYhoo,14321
+django_clerk_users/organizations/migrations/0001_initial.py,sha256=NXZ63PLqkX0ebavvLk6aHOffiFDq0pZamEelb6PG4Yg,12625
+django_clerk_users/organizations/migrations/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 django_clerk_users/webhooks/__init__.py,sha256=XlpsPmc_lHQkZVMeuXce_2hsq7WZzXOXNy36kiQA5Lk,558
 django_clerk_users/webhooks/handlers.py,sha256=GnotJNhN809DsrbfZjtJD0KurThKyAXZS982a41ljwg,9457
 django_clerk_users/webhooks/security.py,sha256=Ig2ZxF8SxX5o-4bNRehFhip4hVvcQxoGsTj3sTY3WSU,3461
 django_clerk_users/webhooks/signals.py,sha256=bytshg7IMDnlvnCZ0_TGjUXZZLRNxtn2RSx97qacZ-w,1668
 django_clerk_users/webhooks/views.py,sha256=0-ilzzO7tBfc-pENMy0ZSSkQ4uPqH2QAt249EK2wQKA,2287
-django_clerk_users-0.0.2.dist-info/licenses/LICENSE,sha256=X4PZDRQG4RmPhHU5c0G21Ki9LXWDCuLQ8W4mnED5RDU,1071
-django_clerk_users-0.0.2.dist-info/METADATA,sha256=pQfVSZMxsGZH7UB9mBkus-SKoictxbzp9fvkXHh9Jiw,5700
-django_clerk_users-0.0.2.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-django_clerk_users-0.0.2.dist-info/top_level.txt,sha256=m2CUZNVRrrVHorKdGlRLuGJbc0NFgx1f2GGjpTLuGXY,19
-django_clerk_users-0.0.2.dist-info/RECORD,,
+django_clerk_users-0.1.1.dist-info/METADATA,sha256=8wVBDTc-ndo9AlgsDuoxglUmzS1SfV4tM3E0iHgP5jk,8687
+django_clerk_users-0.1.1.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+django_clerk_users-0.1.1.dist-info/licenses/LICENSE,sha256=X4PZDRQG4RmPhHU5c0G21Ki9LXWDCuLQ8W4mnED5RDU,1071
+django_clerk_users-0.1.1.dist-info/RECORD,,

{django_clerk_users-0.0.2.dist-info → django_clerk_users-0.1.1.dist-info}/WHEEL

@@ -1,5 +1,4 @@
 Wheel-Version: 1.0
-Generator: setuptools (80.9.0)
+Generator: hatchling 1.28.0
 Root-Is-Purelib: true
 Tag: py3-none-any
-

django_clerk_users-0.0.2.dist-info/top_level.txt

@@ -1 +0,0 @@
-django_clerk_users