rack-ai 0.1.0 → 0.3.0

data/examples/rails_integration_advanced.rb

@@ -0,0 +1,353 @@
+# frozen_string_literal: true
+
+# Advanced Rails Integration Example for Rack::AI
+# This example demonstrates how to integrate Rack::AI with a Rails application
+# using all available features and advanced configuration options.
+
+require 'rails'
+require 'rack/ai'
+
+class RailsAiIntegrationApp < Rails::Application
+  # Basic Rails configuration
+  config.load_defaults 7.0
+  config.eager_load = false
+  config.cache_classes = false
+  config.consider_all_requests_local = true
+  config.secret_key_base = 'test_secret_key_base_for_rack_ai_demo'
+
+  # Configure Rack::AI with all features enabled
+  config.middleware.use Rack::AI::Middleware,
+    provider: :openai,
+    api_key: ENV['OPENAI_API_KEY'] || 'your-openai-api-key-here',
+    features: [:classification, :security, :moderation, :caching, :routing, :logging, :enhancement, :rate_limiting, :anomaly_detection],
+    fail_safe: true,
+    async_processing: true,
+    sanitize_logs: true,
+    explain_decisions: true,
+    
+    # Classification settings
+    classification: {
+      confidence_threshold: 0.8,
+      categories: [:human, :bot, :spam, :suspicious]
+    },
+    
+    # Security settings
+    security: {
+      injection_detection: true,
+      anomaly_threshold: 0.7,
+      block_suspicious: true
+    },
+    
+    # Moderation settings
+    moderation: {
+      toxicity_threshold: 0.6,
+      check_response: false,
+      block_on_violation: true
+    },
+    
+    # Caching settings
+    caching: {
+      predictive_enabled: true,
+      prefetch_threshold: 0.9,
+      redis_url: ENV['REDIS_URL'] || 'redis://localhost:6379'
+    },
+    
+    # Routing settings
+    routing: {
+      smart_routing_enabled: true,
+      suspicious_route: '/security/verify',
+      bot_route: '/api/bot'
+    },
+    
+    # Rate limiting settings
+    rate_limiting: {
+      window_size: 3600, # 1 hour
+      max_requests: 1000,
+      block_duration: 3600,
+      cleanup_interval: 300
+    },
+    
+    # Anomaly detection settings
+    anomaly_detection: {
+      baseline_window: 86400, # 24 hours
+      anomaly_threshold: 2.0, # z-score threshold
+      min_requests: 10,
+      learning_rate: 0.1
+    }
+
+  # Routes for demonstration
+  routes.draw do
+    # Main application routes
+    root 'home#index'
+    
+    # API endpoints that will be analyzed by AI
+    namespace :api do
+      namespace :v1 do
+        resources :users, only: [:index, :show, :create, :update]
+        resources :posts, only: [:index, :show, :create, :update, :destroy]
+        resources :comments, only: [:create, :update, :destroy]
+      end
+    end
+    
+    # Admin routes (high security)
+    namespace :admin do
+      resources :users
+      resources :settings
+      get 'dashboard', to: 'dashboard#index'
+    end
+    
+    # Security routes (used by AI routing)
+    namespace :security do
+      get 'verify', to: 'verification#show'
+      post 'verify', to: 'verification#create'
+      get 'blocked', to: 'blocked#show'
+    end
+    
+    # Health check endpoint (skipped by AI processing)
+    get 'health', to: 'health#check'
+    
+    # AI analysis endpoints
+    namespace :ai do
+      get 'status', to: 'status#show'
+      get 'metrics', to: 'metrics#index'
+      get 'logs', to: 'logs#index'
+    end
+  end
+end
+
+# Controllers
+class ApplicationController < ActionController::Base
+  protect_from_forgery with: :exception
+  
+  # Access AI analysis results in controllers
+  before_action :check_ai_analysis
+  
+  private
+  
+  def check_ai_analysis
+    @ai_results = request.env['rack.ai']
+    
+    # Log AI decisions for monitoring
+    if @ai_results && @ai_results[:results]
+      Rails.logger.info "AI Analysis: #{@ai_results[:results].inspect}"
+      
+      # Handle high-risk requests
+      if high_risk_request?
+        Rails.logger.warn "High risk request detected: #{request.path}"
+        # Additional security measures could be implemented here
+      end
+    end
+  end
+  
+  def high_risk_request?
+    return false unless @ai_results&.dig(:results)
+    
+    classification = @ai_results[:results][:classification]
+    security = @ai_results[:results][:security]
+    
+    (classification && classification[:classification] == :suspicious && classification[:confidence] > 0.8) ||
+    (security && security[:threat_level] == :high)
+  end
+end
+
+class HomeController < ApplicationController
+  def index
+    @ai_status = @ai_results ? 'Active' : 'Inactive'
+    @request_classification = @ai_results&.dig(:results, :classification, :classification)
+    @security_level = @ai_results&.dig(:results, :security, :threat_level)
+    
+    render json: {
+      message: 'Welcome to Rails + Rack::AI Demo',
+      ai_status: @ai_status,
+      classification: @request_classification,
+      security_level: @security_level,
+      timestamp: Time.current.iso8601
+    }
+  end
+end
+
+class Api::V1::BaseController < ApplicationController
+  # API-specific AI handling
+  before_action :validate_api_request
+  
+  private
+  
+  def validate_api_request
+    if @ai_results&.dig(:results, :rate_limiting, :blocked)
+      render json: { 
+        error: 'Rate limit exceeded',
+        retry_after: @ai_results[:results][:rate_limiting][:retry_after]
+      }, status: 429
+      return
+    end
+    
+    if @ai_results&.dig(:results, :classification, :classification) == :spam
+      render json: { error: 'Request classified as spam' }, status: 403
+      return
+    end
+  end
+end
+
+class Api::V1::UsersController < Api::V1::BaseController
+  def index
+    # Simulate user data with AI enhancement
+    users = [
+      { id: 1, name: 'John Doe', email: 'john@example.com' },
+      { id: 2, name: 'Jane Smith', email: 'jane@example.com' }
+    ]
+    
+    # AI enhancement could improve API responses
+    enhanced = @ai_results&.dig(:results, :enhancement, :enhancement_applied)
+    
+    render json: {
+      users: users,
+      meta: {
+        total: users.length,
+        ai_enhanced: enhanced || false,
+        classification: @ai_results&.dig(:results, :classification, :classification)
+      }
+    }
+  end
+  
+  def show
+    user_id = params[:id]
+    
+    # Simulate anomaly detection for unusual access patterns
+    anomaly_detected = @ai_results&.dig(:results, :anomaly_detection, :risk_score)&.> 0.8
+    
+    if anomaly_detected
+      Rails.logger.warn "Anomalous access pattern detected for user #{user_id}"
+    end
+    
+    render json: {
+      id: user_id,
+      name: "User #{user_id}",
+      email: "user#{user_id}@example.com",
+      anomaly_detected: anomaly_detected
+    }
+  end
+  
+  def create
+    # AI moderation for user-generated content
+    moderation_result = @ai_results&.dig(:results, :moderation)
+    
+    if moderation_result&.dig(:flagged)
+      render json: {
+        error: 'Content violates community guidelines',
+        categories: moderation_result[:categories]
+      }, status: 422
+      return
+    end
+    
+    render json: {
+      message: 'User created successfully',
+      moderation_passed: true
+    }, status: 201
+  end
+end
+
+class SecurityController < ApplicationController
+  def verify
+    render json: {
+      message: 'Security verification required',
+      reason: params[:reason] || 'suspicious_activity',
+      instructions: 'Please complete the verification process'
+    }
+  end
+  
+  def blocked
+    render json: {
+      message: 'Access blocked',
+      reason: 'security_violation',
+      contact: 'security@example.com'
+    }, status: 403
+  end
+end
+
+class HealthController < ApplicationController
+  def check
+    render json: {
+      status: 'ok',
+      timestamp: Time.current.iso8601,
+      ai_middleware: 'active'
+    }
+  end
+end
+
+class Ai::StatusController < ApplicationController
+  def show
+    render json: {
+      ai_middleware: {
+        active: @ai_results.present?,
+        features: @ai_results&.dig(:results)&.keys || [],
+        processing_time: @ai_results&.dig(:processing_time),
+        provider: @ai_results&.dig(:provider)
+      },
+      request_analysis: @ai_results&.dig(:results) || {}
+    }
+  end
+end
+
+class Ai::MetricsController < ApplicationController
+  def index
+    # In a real application, this would fetch metrics from storage
+    render json: {
+      total_requests: 1500,
+      classifications: {
+        human: 1200,
+        bot: 200,
+        suspicious: 80,
+        spam: 20
+      },
+      security_threats: {
+        low: 1400,
+        medium: 80,
+        high: 20
+      },
+      rate_limiting: {
+        blocked_requests: 45,
+        current_limits: 1000
+      },
+      anomalies_detected: 12,
+      cache_hit_rate: 0.78
+    }
+  end
+end
+
+# Initialize and run the application
+if __FILE__ == $0
+  # Set up environment
+  ENV['RAILS_ENV'] ||= 'development'
+  
+  # Initialize Rails application
+  app = RailsAiIntegrationApp.new
+  app.initialize!
+  
+  puts "🚀 Rails + Rack::AI Advanced Integration Demo"
+  puts "📊 Features enabled: Classification, Security, Moderation, Caching, Routing, Logging, Enhancement, Rate Limiting, Anomaly Detection"
+  puts "🔗 Available endpoints:"
+  puts "  GET  /                     - Home page with AI status"
+  puts "  GET  /api/v1/users         - Users API (with AI analysis)"
+  puts "  GET  /api/v1/users/:id     - User details (with anomaly detection)"
+  puts "  POST /api/v1/users         - Create user (with content moderation)"
+  puts "  GET  /admin/dashboard      - Admin area (high security)"
+  puts "  GET  /security/verify      - Security verification page"
+  puts "  GET  /health               - Health check (AI processing skipped)"
+  puts "  GET  /ai/status            - AI middleware status"
+  puts "  GET  /ai/metrics           - AI analysis metrics"
+  puts ""
+  puts "🔧 Configuration:"
+  puts "  - Set OPENAI_API_KEY environment variable for full functionality"
+  puts "  - Set REDIS_URL for caching features (optional)"
+  puts "  - All features are enabled with production-ready settings"
+  puts ""
+  puts "📝 Testing suggestions:"
+  puts "  - Try different User-Agent strings to trigger bot detection"
+  puts "  - Make rapid requests to test rate limiting"
+  puts "  - Send suspicious payloads to test security features"
+  puts "  - Access admin routes to see enhanced security analysis"
+  
+  # Start the server
+  require 'rack'
+  Rack::Handler::WEBrick.run(app, Port: 3000, Host: '0.0.0.0')
+end