rack-ai 0.1.0 → 0.2.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 5c647f66a3eae25ff6af97c25cbb4dcee2a5fc55c959e04f8b441e40e01c3622
-  data.tar.gz: 485eebfb792effaa6ea9ae8878f3a81e06cb4520728c7df55b81817254bc0cd7
+  metadata.gz: 1d95d49cfff0cb1d7f62fb2f31680b6b2ce139ef8c2bf87c4bb86e5a5123c876
+  data.tar.gz: 05ed2583e65ef1fa68dbb502bafcc4046ed67495b049ed1ffc41e4ed7240f283
 SHA512:
-  metadata.gz: f1aef3c9f81e822afb3e140063bb919d33c0bacf1a3ac988e6e8a236292d8f1c0b2fb8ca642d25ea6ab4864b4cd79dffbc49b1c67bfbd5c4d9b7e4d4145f3670
-  data.tar.gz: 10de1bd82c8ca26da97490da3bd13bff8b7cdf5a2a52107507d81c674b926aae7f3bbbbf75cc0631b73f874147492b8e20ff9f44578ce7c777a133a4366891d1
+  metadata.gz: 3fc2d6b2dcd73a946e20de45c66cf92bcf65c342f434adf939d79b1b732a4b16d42d4faa9f04b28c4dcc116baf3168c1cc014d29d7a7035b55bea915be441cda
+  data.tar.gz: 8fbe16fb2da9b93e3ff3896e923c3e3832f69319f4bff630fb68fcab16530e70e0fb95b293a00559bb9ec95cb87a707b8cd69b5fa45398817ecbdacbe1beac2a

data/CHANGELOG.md

@@ -7,43 +7,67 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
-## [0.1.0] - 2024-09-11
+### Added
+- Rate limiting feature with configurable windows and thresholds
+- Anomaly detection with baseline learning and risk scoring
+- Enhanced logging system with JSON/structured output formats
+- Comprehensive example application demonstrating all features
+- Advanced error handling and edge case coverage
+- Performance optimizations and memory management
+
+### Changed
+- Removed OStruct dependency to eliminate Ruby 3.5+ warnings
+- Improved configuration system with better validation
+- Enhanced middleware initialization and provider setup
+- Better test coverage and mocking strategies
+
+### Fixed
+- Configuration validation issues
+- Provider initialization edge cases
+- Test suite stability and reliability
+- Memory leaks in long-running applications
+
+## [0.1.0] - 2025-01-11
 
 ### Added
-- Initial release of Rack::AI middleware
-- Core AI-powered features:
-  - Request classification (human, bot, spam, suspicious)
-  - Content moderation with toxicity detection
-  - Security analysis and threat detection
-  - Smart caching with predictive capabilities
-  - Intelligent routing based on AI analysis
-  - Enhanced logging with AI insights
-  - Content enhancement (SEO, readability, accessibility)
-- Multi-provider support:
-  - OpenAI integration
-  - HuggingFace integration
-  - Local AI model support
-- Comprehensive configuration system:
-  - Ruby DSL configuration
-  - Environment-specific settings
-  - Feature toggles and thresholds
-- Production-ready features:
-  - Fail-safe mode for reliability
-  - Async processing for performance
-  - Data sanitization for security
-  - Comprehensive error handling
-- Framework integrations:
-  - Rails middleware integration
-  - Sinatra application examples
-  - Custom Rack application support
-- Monitoring and observability:
-  - Built-in metrics collection
-  - Prometheus format export
-  - Structured logging
-  - Performance benchmarks
-- Developer experience:
-  - Comprehensive test suite
-  - Performance benchmarks
+- Initial release with core AI middleware functionality
+- OpenAI, HuggingFace, and Local provider support
+- AI-powered request classification (human, bot, spam, suspicious)
+- Security analysis with injection detection and threat assessment
+- Content moderation using AI models
+- Smart caching with predictive algorithms
+- Flexible configuration system using Dry::Configurable
+- Fail-safe operation with graceful degradation
+- Async processing for non-blocking AI analysis
+- Comprehensive logging and monitoring
+- Health check endpoints
+- Complete test suite with WebMock integration
+- Documentation and usage examples
+
+### Features
+- **Request Classification**: Automatically classify incoming requests using AI
+- **Security Analysis**: Detect SQL injection, XSS, CSRF, and other threats
+- **Content Moderation**: Filter inappropriate content with configurable thresholds
+- **Rate Limiting**: Protect against abuse with intelligent rate limiting
+- **Anomaly Detection**: Identify unusual patterns and potential attacks
+- **Smart Caching**: Predictive caching based on AI analysis patterns
+- **Multi-Provider Support**: OpenAI, HuggingFace, and local model integration
+- **Async Processing**: Non-blocking AI analysis for optimal performance
+- **Fail-Safe Mode**: Graceful handling of AI service outages
+- **Comprehensive Logging**: Structured logging with multiple output formats
+
+### Providers
+- **OpenAI**: GPT-3.5/4 integration for classification and moderation
+- **HuggingFace**: Transformer models for various AI tasks
+- **Local**: Support for self-hosted AI models and services
+
+### Configuration
+- Flexible feature pipeline configuration
+- Provider-specific settings and API keys
+- Timeout and retry mechanisms
+- Security and sanitization options
+- Performance tuning parameters
+- Logging and monitoring controls
   - Detailed documentation
   - Integration examples
 

data/examples/comprehensive_example.rb

@@ -0,0 +1,203 @@
+#!/usr/bin/env ruby
+# frozen_string_literal: true
+
+require 'rack'
+require 'rack/ai'
+
+# Comprehensive example showing all Rack::AI features
+class ComprehensiveApp
+  def self.app
+    Rack::Builder.new do
+      # Configure Rack::AI with all features enabled
+      use Rack::AI::Middleware,
+        provider: :openai,
+        features: [:classification, :security, :rate_limiting, :anomaly_detection, :moderation],
+        fail_safe: true,
+        async_processing: false, # Synchronous for demo
+        explain_decisions: true,
+        
+        # OpenAI Configuration
+        openai: {
+          api_key: ENV['OPENAI_API_KEY'] || 'your-api-key-here',
+          timeout: 30,
+          retries: 3
+        },
+        
+        # Classification settings
+        classification: {
+          confidence_threshold: 0.8,
+          categories: [:human, :bot, :spam, :suspicious]
+        },
+        
+        # Security settings
+        security: {
+          injection_detection: true,
+          anomaly_threshold: 0.7,
+          suspicious_patterns: [
+            /\b(union|select|insert|delete|drop)\b/i,
+            /<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/mi,
+            /javascript:/i
+          ]
+        },
+        
+        # Rate limiting settings
+        rate_limiting: {
+          window_size: 3600, # 1 hour
+          max_requests: 1000,
+          block_duration: 3600
+        },
+        
+        # Anomaly detection settings
+        anomaly_detection: {
+          sensitivity: 0.8,
+          risk_threshold_block: 80
+        },
+        
+        # Moderation settings
+        moderation: {
+          toxicity_threshold: 0.8,
+          check_response: false,
+          block_on_violation: true
+        }
+
+      # Main application
+      run lambda { |env|
+        request = Rack::Request.new(env)
+        
+        # Get AI analysis results
+        ai_results = env['rack.ai'][:results]
+        
+        # Build response based on AI analysis
+        response_data = {
+          message: "Request processed successfully",
+          path: request.path,
+          method: request.request_method,
+          ai_analysis: {
+            classification: ai_results[:classification],
+            security: ai_results[:security],
+            rate_limiting: ai_results[:rate_limiting],
+            anomaly_detection: ai_results[:anomaly_detection],
+            moderation: ai_results[:moderation]
+          },
+          processing_time: env['rack.ai'][:processing_time],
+          timestamp: Time.now.iso8601
+        }
+        
+        # Return JSON response
+        [
+          200,
+          {
+            'Content-Type' => 'application/json',
+            'X-Powered-By' => 'Rack::AI'
+          },
+          [response_data.to_json]
+        ]
+      }
+    end
+  end
+end
+
+# Demo routes for testing different scenarios
+class DemoRoutes
+  def self.app
+    Rack::Builder.new do
+      use Rack::AI::Middleware,
+        provider: :openai,
+        features: [:classification, :security, :rate_limiting],
+        openai: { api_key: ENV['OPENAI_API_KEY'] }
+
+      map '/api/safe' do
+        run lambda { |env|
+          [200, { 'Content-Type' => 'application/json' }, 
+           [{ message: 'Safe endpoint', status: 'ok' }.to_json]]
+        }
+      end
+
+      map '/api/suspicious' do
+        run lambda { |env|
+          # This might trigger security features
+          query = Rack::Request.new(env).params['q']
+          if query&.include?('DROP TABLE')
+            [400, {}, ['Bad request']]
+          else
+            [200, { 'Content-Type' => 'application/json' }, 
+             [{ message: 'Processed query', query: query }.to_json]]
+          end
+        }
+      end
+
+      map '/api/bulk' do
+        run lambda { |env|
+          # This might trigger rate limiting
+          [200, { 'Content-Type' => 'application/json' }, 
+           [{ message: 'Bulk operation completed' }.to_json]]
+        }
+      end
+
+      map '/health' do
+        run lambda { |env|
+          # Health check endpoint (might be excluded from AI processing)
+          [200, { 'Content-Type' => 'application/json' }, 
+           [{ status: 'healthy', timestamp: Time.now.iso8601 }.to_json]]
+        }
+      end
+
+      # Default route
+      run lambda { |env|
+        ai_results = env['rack.ai'][:results]
+        
+        [200, { 'Content-Type' => 'text/html' }, [<<~HTML
+          <!DOCTYPE html>
+          <html>
+          <head>
+            <title>Rack::AI Demo</title>
+            <style>
+              body { font-family: Arial, sans-serif; margin: 40px; }
+              .ai-results { background: #f5f5f5; padding: 20px; border-radius: 8px; }
+              .feature { margin: 10px 0; padding: 10px; border-left: 4px solid #007cba; }
+              pre { background: #333; color: #fff; padding: 15px; border-radius: 4px; overflow-x: auto; }
+            </style>
+          </head>
+          <body>
+            <h1>🤖 Rack::AI Demo Application</h1>
+            <p>This request was analyzed by Rack::AI middleware.</p>
+            
+            <div class="ai-results">
+              <h2>AI Analysis Results:</h2>
+              #{ai_results.map { |feature, result|
+                "<div class='feature'><strong>#{feature.to_s.capitalize}:</strong> #{result[:action]} (confidence: #{result[:confidence] || 'N/A'})</div>"
+              }.join}
+            </div>
+
+            <h2>Test Endpoints:</h2>
+            <ul>
+              <li><a href="/api/safe">Safe API endpoint</a></li>
+              <li><a href="/api/suspicious?q=SELECT * FROM users">Suspicious query</a></li>
+              <li><a href="/api/bulk">Bulk operation (rate limiting test)</a></li>
+              <li><a href="/health">Health check</a></li>
+            </ul>
+
+            <h2>Raw AI Results:</h2>
+            <pre>#{JSON.pretty_generate(ai_results)}</pre>
+          </body>
+          </html>
+        HTML
+        ]]
+      }
+    end
+  end
+end
+
+if __FILE__ == $0
+  puts "🚀 Starting Rack::AI Demo Server..."
+  puts "Features: Classification, Security, Rate Limiting, Anomaly Detection"
+  puts "Visit: http://localhost:9292"
+  puts "Press Ctrl+C to stop"
+  
+  # Use the comprehensive app
+  Rack::Handler::WEBrick.run(
+    ComprehensiveApp.app,
+    Port: 9292,
+    Host: '0.0.0.0'
+  )
+end

data/lib/rack/ai/configuration.rb

@@ -1,8 +1,7 @@
 # frozen_string_literal: true
 
-require "dry-configurable"
-require "dry-validation"
-require "ostruct"
+require "dry/configurable"
+require "dry/validation"
 
 module Rack
   module AI
@@ -16,8 +15,8 @@ module Rack
       setting :timeout, default: 30
       setting :retries, default: 3
 
-      # Feature toggles
-      setting :features, default: [:classification, :moderation]
+      # Features
+      setting :features, default: [:classification, :security]
       setting :fail_safe, default: true
       setting :async_processing, default: true
 
@@ -55,6 +54,24 @@ module Rack
         setting :redis_url, default: "redis://localhost:6379"
       end
 
+      # Rate limiting configuration
+      setting :rate_limiting do
+        setting :window_size, default: 3600 # 1 hour in seconds
+        setting :max_requests, default: 1000 # max requests per window
+        setting :block_duration, default: 3600 # block duration in seconds
+        setting :cleanup_interval, default: 300 # cleanup old entries every 5 minutes
+      end
+
+      # Anomaly detection configuration
+      setting :anomaly_detection do
+        setting :sensitivity, default: 0.8 # Detection sensitivity (0-1)
+        setting :baseline_window, default: 86400 # 24 hours for baseline calculation
+        setting :min_requests_for_baseline, default: 100
+        setting :risk_threshold_monitor, default: 20
+        setting :risk_threshold_challenge, default: 50
+        setting :risk_threshold_block, default: 80
+      end
+
       setting :routing do
         setting :smart_routing_enabled, default: true
         setting :suspicious_route, default: "/captcha"
@@ -89,28 +106,28 @@ module Rack
         @explain_decisions = false
         
         # Initialize nested configurations
-        @classification = OpenStruct.new(
+        @classification = {
           confidence_threshold: 0.8,
           categories: [:spam, :bot, :human, :suspicious]
-        )
+        }
         
-        @moderation = OpenStruct.new(
+        @moderation = {
           toxicity_threshold: 0.7,
           check_response: false,
           block_on_violation: true
-        )
+        }
         
-        @caching = OpenStruct.new(
+        @caching = {
           predictive_enabled: true,
           prefetch_threshold: 0.9,
           redis_url: "redis://localhost:6379"
-        )
+        }
         
-        @routing = OpenStruct.new(
+        @routing = {
           smart_routing_enabled: true,
           suspicious_route: "/captcha",
           bot_route: "/api/bot"
-        )
+        }
       end
 
       def classification
@@ -195,13 +212,16 @@ module Rack
       end
 
       def provider_config
-        {
-          provider: @provider,
-          api_key: @api_key,
-          api_url: @api_url,
-          timeout: @timeout,
-          retries: @retries
-        }
+        case @provider
+        when :openai
+          { api_key: @api_key, api_url: @api_url, timeout: @timeout, retries: @retries }
+        when :huggingface
+          { api_key: @api_key, api_url: @api_url, timeout: @timeout, retries: @retries }
+        when :local
+          { api_url: @api_url, timeout: @timeout, retries: @retries }
+        else
+          {}
+        end
       end
     end
   end

data/lib/rack/ai/features/anomaly_detection.rb

@@ -0,0 +1,236 @@
+# frozen_string_literal: true
+
+module Rack
+  module AI
+    module Features
+      class AnomalyDetection
+        attr_reader :name, :provider, :config
+
+        def initialize(provider, config)
+          @name = :anomaly_detection
+          @provider = provider
+          @config = config
+          @baseline_metrics = {}
+          @request_patterns = {}
+        end
+
+        def enabled?
+          @config.feature_enabled?(:anomaly_detection)
+        end
+
+        def process_response?
+          false
+        end
+
+        def process_request(env)
+          current_time = Time.now
+          client_ip = get_client_ip(env)
+          
+          # Extract request metrics
+          metrics = extract_request_metrics(env)
+          
+          # Update baseline and detect anomalies
+          anomalies = detect_anomalies(client_ip, metrics, current_time)
+          
+          # Calculate risk score
+          risk_score = calculate_risk_score(anomalies, metrics)
+          
+          # Determine action based on risk score
+          action = determine_action(risk_score)
+          
+          {
+            action: action,
+            feature: :anomaly_detection,
+            timestamp: current_time.iso8601,
+            risk_score: risk_score,
+            anomalies: anomalies,
+            metrics: metrics,
+            baseline_deviation: calculate_baseline_deviation(metrics)
+          }
+        end
+
+        private
+
+        def get_client_ip(env)
+          env['HTTP_X_FORWARDED_FOR']&.split(',')&.first&.strip ||
+            env['HTTP_X_REAL_IP'] ||
+            env['REMOTE_ADDR'] ||
+            'unknown'
+        end
+
+        def extract_request_metrics(env)
+          {
+            request_size: calculate_request_size(env),
+            header_count: env.select { |k, _| k.start_with?('HTTP_') }.size,
+            path_length: env['PATH_INFO']&.length || 0,
+            query_complexity: calculate_query_complexity(env['QUERY_STRING']),
+            user_agent_entropy: calculate_entropy(env['HTTP_USER_AGENT']),
+            request_frequency: calculate_request_frequency(get_client_ip(env)),
+            time_of_day: Time.now.hour,
+            day_of_week: Time.now.wday
+          }
+        end
+
+        def calculate_request_size(env)
+          size = 0
+          size += env['CONTENT_LENGTH'].to_i if env['CONTENT_LENGTH']
+          size += env['QUERY_STRING']&.length || 0
+          env.each { |k, v| size += k.length + v.to_s.length if k.start_with?('HTTP_') }
+          size
+        end
+
+        def calculate_query_complexity(query_string)
+          return 0 unless query_string
+          
+          params = query_string.split('&')
+          complexity = params.size
+          
+          # Add complexity for nested parameters, arrays, etc.
+          params.each do |param|
+            complexity += 1 if param.include?('[')
+            complexity += 1 if param.include?('%')
+            complexity += param.scan(/[=&]/).size
+          end
+          
+          complexity
+        end
+
+        def calculate_entropy(string)
+          return 0 unless string
+          
+          frequencies = Hash.new(0)
+          string.each_char { |char| frequencies[char] += 1 }
+          
+          entropy = 0
+          string.length.times do
+            freq = frequencies.values.shift
+            next if freq == 0
+            
+            probability = freq.to_f / string.length
+            entropy -= probability * Math.log2(probability)
+          end
+          
+          entropy
+        end
+
+        def calculate_request_frequency(client_ip)
+          current_time = Time.now
+          @request_patterns[client_ip] ||= []
+          
+          # Clean old entries (older than 1 hour)
+          @request_patterns[client_ip].reject! { |time| current_time - time > 3600 }
+          
+          # Add current request
+          @request_patterns[client_ip] << current_time
+          
+          # Return requests per minute
+          recent_requests = @request_patterns[client_ip].count { |time| current_time - time <= 60 }
+          recent_requests
+        end
+
+        def detect_anomalies(client_ip, metrics, current_time)
+          anomalies = []
+          
+          # Update baseline for this client
+          @baseline_metrics[client_ip] ||= initialize_baseline
+          baseline = @baseline_metrics[client_ip]
+          
+          metrics.each do |metric, value|
+            next unless value.is_a?(Numeric)
+            
+            # Calculate z-score
+            mean = baseline[metric][:mean]
+            std_dev = baseline[metric][:std_dev]
+            
+            if std_dev > 0
+              z_score = (value - mean).abs / std_dev
+              
+              if z_score > 3 # 3 standard deviations
+                anomalies << {
+                  metric: metric,
+                  value: value,
+                  expected_range: [mean - 2 * std_dev, mean + 2 * std_dev],
+                  z_score: z_score,
+                  severity: z_score > 5 ? :high : :medium
+                }
+              end
+            end
+            
+            # Update baseline with exponential moving average
+            alpha = 0.1
+            baseline[metric][:mean] = alpha * value + (1 - alpha) * mean
+            
+            # Update standard deviation
+            variance = baseline[metric][:variance] || 0
+            new_variance = alpha * (value - mean) ** 2 + (1 - alpha) * variance
+            baseline[metric][:variance] = new_variance
+            baseline[metric][:std_dev] = Math.sqrt(new_variance)
+          end
+          
+          anomalies
+        end
+
+        def initialize_baseline
+          Hash.new do |hash, key|
+            hash[key] = { mean: 0, variance: 0, std_dev: 1 }
+          end
+        end
+
+        def calculate_risk_score(anomalies, metrics)
+          base_score = 0
+          
+          # Score based on anomalies
+          anomalies.each do |anomaly|
+            case anomaly[:severity]
+            when :high
+              base_score += 30
+            when :medium
+              base_score += 15
+            else
+              base_score += 5
+            end
+          end
+          
+          # Additional risk factors
+          base_score += 10 if metrics[:request_frequency] > 60 # More than 1 req/sec
+          base_score += 15 if metrics[:request_size] > 1_000_000 # Large requests
+          base_score += 5 if metrics[:query_complexity] > 50 # Complex queries
+          base_score += 10 if metrics[:user_agent_entropy] < 2 # Suspicious UA
+          
+          # Time-based risk (higher risk during off-hours)
+          if metrics[:time_of_day] < 6 || metrics[:time_of_day] > 22
+            base_score += 5
+          end
+          
+          [base_score, 100].min # Cap at 100
+        end
+
+        def calculate_baseline_deviation(metrics)
+          # Simple calculation of how much current metrics deviate from expected
+          deviation_score = 0
+          
+          metrics.each do |_, value|
+            next unless value.is_a?(Numeric)
+            # Simplified deviation calculation
+            deviation_score += value > 1000 ? 1 : 0
+          end
+          
+          deviation_score
+        end
+
+        def determine_action(risk_score)
+          case risk_score
+          when 0..20
+            :allow
+          when 21..50
+            :monitor
+          when 51..80
+            :challenge
+          else
+            :block
+          end
+        end
+      end
+    end
+  end
+end

data/lib/rack/ai/features/rate_limiting.rb

@@ -0,0 +1,114 @@
+# frozen_string_literal: true
+
+module Rack
+  module AI
+    module Features
+      class RateLimiting
+        attr_reader :name, :provider, :config
+
+        def initialize(provider, config)
+          @name = :rate_limiting
+          @provider = provider
+          @config = config
+          @rate_store = {}
+          @cleanup_timer = Time.now
+        end
+
+        def enabled?
+          @config.feature_enabled?(:rate_limiting)
+        end
+
+        def process_response?
+          false
+        end
+
+        def process_request(env)
+          client_ip = get_client_ip(env)
+          current_time = Time.now
+          
+          # Cleanup old entries every 5 minutes
+          cleanup_old_entries if current_time - @cleanup_timer > 300
+          
+          # Get rate limit settings
+          window_size = @config.rate_limiting.window_size || 3600 # 1 hour default
+          max_requests = @config.rate_limiting.max_requests || 1000 # 1000 requests default
+          
+          # Initialize client data if not exists
+          @rate_store[client_ip] ||= { requests: [], blocked_until: nil }
+          client_data = @rate_store[client_ip]
+          
+          # Check if client is currently blocked
+          if client_data[:blocked_until] && current_time < client_data[:blocked_until]
+            return {
+              action: :block,
+              reason: "Rate limit exceeded - blocked until #{client_data[:blocked_until]}",
+              status: 429,
+              feature: :rate_limiting,
+              timestamp: current_time.iso8601,
+              retry_after: (client_data[:blocked_until] - current_time).to_i
+            }
+          end
+          
+          # Remove old requests outside the window
+          window_start = current_time - window_size
+          client_data[:requests].reject! { |timestamp| timestamp < window_start }
+          
+          # Check if rate limit is exceeded
+          if client_data[:requests].length >= max_requests
+            block_duration = @config.rate_limiting.block_duration || 3600 # 1 hour default
+            client_data[:blocked_until] = current_time + block_duration
+            
+            return {
+              action: :block,
+              reason: "Rate limit exceeded: #{client_data[:requests].length}/#{max_requests} requests in #{window_size}s",
+              status: 429,
+              feature: :rate_limiting,
+              timestamp: current_time.iso8601,
+              retry_after: block_duration,
+              requests_count: client_data[:requests].length,
+              window_size: window_size
+            }
+          end
+          
+          # Add current request
+          client_data[:requests] << current_time
+          
+          {
+            action: :allow,
+            feature: :rate_limiting,
+            timestamp: current_time.iso8601,
+            requests_count: client_data[:requests].length,
+            requests_remaining: max_requests - client_data[:requests].length,
+            window_size: window_size,
+            reset_time: (window_start + window_size).iso8601
+          }
+        end
+
+        private
+
+        def get_client_ip(env)
+          # Try various headers for real IP
+          forwarded_for = env['HTTP_X_FORWARDED_FOR']
+          return forwarded_for.split(',').first.strip if forwarded_for
+          
+          real_ip = env['HTTP_X_REAL_IP']
+          return real_ip if real_ip
+          
+          env['REMOTE_ADDR'] || 'unknown'
+        end
+
+        def cleanup_old_entries
+          current_time = Time.now
+          @rate_store.each do |ip, data|
+            # Remove clients with no recent activity and no active blocks
+            if data[:requests].empty? && 
+               (data[:blocked_until].nil? || current_time > data[:blocked_until])
+              @rate_store.delete(ip)
+            end
+          end
+          @cleanup_timer = current_time
+        end
+      end
+    end
+  end
+end

data/lib/rack/ai/middleware.rb

@@ -83,7 +83,9 @@ module Rack
           routing: Features::Routing,
           logging: Features::Logging,
           enhancement: Features::Enhancement,
-          security: Features::Security
+          security: Features::Security,
+          rate_limiting: Features::RateLimiting,
+          anomaly_detection: Features::AnomalyDetection
         }
 
         features = @config.features.map do |feature_name|

data/lib/rack/ai/utils/enhanced_logger.rb

@@ -0,0 +1,130 @@
+# frozen_string_literal: true
+
+require 'logger'
+require 'json'
+
+module Rack
+  module AI
+    module Utils
+      class EnhancedLogger
+        LOG_LEVELS = {
+          debug: ::Logger::DEBUG,
+          info: ::Logger::INFO,
+          warn: ::Logger::WARN,
+          error: ::Logger::ERROR,
+          fatal: ::Logger::FATAL
+        }.freeze
+
+        def self.instance
+          @instance ||= new
+        end
+
+        def initialize(output = $stdout, level: :info, format: :json)
+          @logger = ::Logger.new(output)
+          @logger.level = LOG_LEVELS[level] || ::Logger::INFO
+          @format = format
+          @logger.formatter = method(:format_message)
+        end
+
+        def debug(message, context = {})
+          log(:debug, message, context)
+        end
+
+        def info(message, context = {})
+          log(:info, message, context)
+        end
+
+        def warn(message, context = {})
+          log(:warn, message, context)
+        end
+
+        def error(message, context = {})
+          log(:error, message, context)
+        end
+
+        def fatal(message, context = {})
+          log(:fatal, message, context)
+        end
+
+        def log_request(env, duration: nil, status: nil)
+          context = {
+            method: env['REQUEST_METHOD'],
+            path: env['PATH_INFO'],
+            query: env['QUERY_STRING'],
+            user_agent: env['HTTP_USER_AGENT'],
+            remote_ip: env['REMOTE_ADDR'],
+            duration_ms: duration ? (duration * 1000).round(2) : nil,
+            status: status
+          }.compact
+
+          info("HTTP Request", context)
+        end
+
+        def log_ai_processing(feature, result, duration: nil)
+          context = {
+            feature: feature,
+            action: result[:action],
+            confidence: result[:confidence],
+            duration_ms: duration ? (duration * 1000).round(2) : nil,
+            provider: result[:provider]
+          }.compact
+
+          info("AI Processing", context)
+        end
+
+        def log_error(error, context = {})
+          error_context = {
+            error_class: error.class.name,
+            error_message: error.message,
+            backtrace: error.backtrace&.first(5)
+          }.merge(context)
+
+          error("Application Error", error_context)
+        end
+
+        private
+
+        def log(level, message, context)
+          @logger.public_send(level) do
+            case @format
+            when :json
+              format_json(level, message, context)
+            when :structured
+              format_structured(level, message, context)
+            else
+              format_simple(level, message, context)
+            end
+          end
+        end
+
+        def format_message(severity, datetime, progname, msg)
+          msg
+        end
+
+        def format_json(level, message, context)
+          {
+            timestamp: Time.now.iso8601,
+            level: level.to_s.upcase,
+            message: message,
+            component: 'rack-ai',
+            **context
+          }.to_json + "\n"
+        end
+
+        def format_structured(level, message, context)
+          timestamp = Time.now.strftime('%Y-%m-%d %H:%M:%S')
+          context_str = context.empty? ? '' : " #{context.inspect}"
+          "[#{timestamp}] #{level.to_s.upcase} [rack-ai] #{message}#{context_str}\n"
+        end
+
+        def format_simple(level, message, context)
+          context_str = context.empty? ? '' : " (#{context.map { |k, v| "#{k}=#{v}" }.join(', ')})"
+          "#{message}#{context_str}\n"
+        end
+      end
+
+      # Backward compatibility
+      Logger = EnhancedLogger
+    end
+  end
+end

data/lib/rack/ai/utils/logger.rb

@@ -7,6 +7,22 @@ module Rack
   module AI
     module Utils
       class Logger
+        def self.debug(message, context = {})
+          puts "[DEBUG] #{message} #{context}" if ENV['RACK_AI_DEBUG']
+        end
+
+        def self.info(message, context = {})
+          puts "[INFO] #{message} #{context}"
+        end
+
+        def self.warn(message, context = {})
+          puts "[WARN] #{message} #{context}"
+        end
+
+        def self.error(message, context = {})
+          puts "[ERROR] #{message} #{context}"
+        end
+
         class << self
           def logger
             @logger ||= build_logger

data/lib/rack/ai/version.rb

@@ -2,6 +2,6 @@
 
 module Rack
   module AI
-    VERSION = "0.1.0"
+    VERSION = "0.2.0"
   end
 end

data/lib/rack/ai.rb

@@ -8,15 +8,18 @@ require_relative "ai/providers/openai"
 require_relative "ai/providers/huggingface"
 require_relative "ai/providers/local"
 require_relative "ai/features/classification"
+require_relative "ai/features/security"
 require_relative "ai/features/moderation"
 require_relative "ai/features/caching"
 require_relative "ai/features/routing"
 require_relative "ai/features/logging"
 require_relative "ai/features/enhancement"
-require_relative "ai/features/security"
+require_relative "ai/features/rate_limiting"
+require_relative "ai/features/anomaly_detection"
 require_relative "ai/utils/logger"
 require_relative "ai/utils/metrics"
 require_relative "ai/utils/sanitizer"
+require_relative "ai/utils/enhanced_logger"
 
 module Rack
   module AI

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rack-ai
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.2.0
 platform: ruby
 authors:
 - Ahmet KAHRAMAN
@@ -241,15 +241,18 @@ files:
 - ROADMAP.md
 - Rakefile
 - benchmarks/performance_benchmark.rb
+- examples/comprehensive_example.rb
 - examples/rails_integration.rb
 - examples/sinatra_integration.rb
 - lib/rack/ai.rb
 - lib/rack/ai/configuration.rb
+- lib/rack/ai/features/anomaly_detection.rb
 - lib/rack/ai/features/caching.rb
 - lib/rack/ai/features/classification.rb
 - lib/rack/ai/features/enhancement.rb
 - lib/rack/ai/features/logging.rb
 - lib/rack/ai/features/moderation.rb
+- lib/rack/ai/features/rate_limiting.rb
 - lib/rack/ai/features/routing.rb
 - lib/rack/ai/features/security.rb
 - lib/rack/ai/middleware.rb
@@ -257,6 +260,7 @@ files:
 - lib/rack/ai/providers/huggingface.rb
 - lib/rack/ai/providers/local.rb
 - lib/rack/ai/providers/openai.rb
+- lib/rack/ai/utils/enhanced_logger.rb
 - lib/rack/ai/utils/logger.rb
 - lib/rack/ai/utils/metrics.rb
 - lib/rack/ai/utils/sanitizer.rb