rack-ai 0.2.0 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1d95d49cfff0cb1d7f62fb2f31680b6b2ce139ef8c2bf87c4bb86e5a5123c876
-  data.tar.gz: 05ed2583e65ef1fa68dbb502bafcc4046ed67495b049ed1ffc41e4ed7240f283
+  metadata.gz: 70c4c59ceaa3a8fd55136f31d5935e0f701f83086a48c09f3ff7b8f012961d4b
+  data.tar.gz: a74d4964324bdec31e68fe9a9d73ce343091159817f8707a4cf99a871fe5ce03
 SHA512:
-  metadata.gz: 3fc2d6b2dcd73a946e20de45c66cf92bcf65c342f434adf939d79b1b732a4b16d42d4faa9f04b28c4dcc116baf3168c1cc014d29d7a7035b55bea915be441cda
-  data.tar.gz: 8fbe16fb2da9b93e3ff3896e923c3e3832f69319f4bff630fb68fcab16530e70e0fb95b293a00559bb9ec95cb87a707b8cd69b5fa45398817ecbdacbe1beac2a
+  metadata.gz: 5272d46f9facd1245c5e953033bc5e1c2994ab4b528efc1ae69b6fbed599c836159d34970110bac8c0044e0a6bd576c9976da9dbe2d81df3ab20d73ca9d4ff33
+  data.tar.gz: e67d23491fc329a4eb251f33f22c7c541cbde6af5298c29289914801f4793372f6384dc0912df026b605f2fb0f837659bc45a8c67e411046809418421be10be5

data/CHANGELOG.md

@@ -27,7 +27,44 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Test suite stability and reliability
 - Memory leaks in long-running applications
 
-## [0.1.0] - 2025-01-11
+## [0.3.0] - 2024-01-16
+
+### Added
+- **New Providers**: HuggingFace and Local provider implementations
+- **New Features**: 
+  - Caching with predictive analysis and Redis integration
+  - Smart routing based on AI classification results
+  - Enhanced logging with structured AI insights
+  - Content enhancement for SEO, readability, and accessibility
+  - Rate limiting with IP-based tracking and configurable windows
+  - Anomaly detection with baseline learning and risk scoring
+- **Advanced Examples**: 
+  - Rails integration with all features enabled
+  - Sinatra microservice with security-focused configuration
+  - Comprehensive example demonstrating all capabilities
+- **Enhanced Configuration**: OpenStruct-based nested configuration for better usability
+- **Improved Testing**: Complete test coverage for all providers and features
+- **Better Error Handling**: Comprehensive error handling throughout the codebase
+
+### Changed
+- Configuration system now uses OpenStruct for nested settings
+- Logger implementation simplified and warnings resolved
+- Provider initialization improved with better validation
+- Middleware now supports all implemented features
+
+### Fixed
+- Configuration hash access issues resolved
+- Logger constant conflicts eliminated
+- Test failures for provider implementations
+- OStruct deprecation warnings addressed
+
+### Security
+- Enhanced injection detection capabilities
+- Improved anomaly detection algorithms
+- Better rate limiting implementation
+- Comprehensive security analysis features
+
+## [0.2.0] - 2024-01-15
 
 ### Added
 - Initial release with core AI middleware functionality

data/examples/rails_integration_advanced.rb

@@ -0,0 +1,353 @@
+# frozen_string_literal: true
+
+# Advanced Rails Integration Example for Rack::AI
+# This example demonstrates how to integrate Rack::AI with a Rails application
+# using all available features and advanced configuration options.
+
+require 'rails'
+require 'rack/ai'
+
+class RailsAiIntegrationApp < Rails::Application
+  # Basic Rails configuration
+  config.load_defaults 7.0
+  config.eager_load = false
+  config.cache_classes = false
+  config.consider_all_requests_local = true
+  config.secret_key_base = 'test_secret_key_base_for_rack_ai_demo'
+
+  # Configure Rack::AI with all features enabled
+  config.middleware.use Rack::AI::Middleware,
+    provider: :openai,
+    api_key: ENV['OPENAI_API_KEY'] || 'your-openai-api-key-here',
+    features: [:classification, :security, :moderation, :caching, :routing, :logging, :enhancement, :rate_limiting, :anomaly_detection],
+    fail_safe: true,
+    async_processing: true,
+    sanitize_logs: true,
+    explain_decisions: true,
+    
+    # Classification settings
+    classification: {
+      confidence_threshold: 0.8,
+      categories: [:human, :bot, :spam, :suspicious]
+    },
+    
+    # Security settings
+    security: {
+      injection_detection: true,
+      anomaly_threshold: 0.7,
+      block_suspicious: true
+    },
+    
+    # Moderation settings
+    moderation: {
+      toxicity_threshold: 0.6,
+      check_response: false,
+      block_on_violation: true
+    },
+    
+    # Caching settings
+    caching: {
+      predictive_enabled: true,
+      prefetch_threshold: 0.9,
+      redis_url: ENV['REDIS_URL'] || 'redis://localhost:6379'
+    },
+    
+    # Routing settings
+    routing: {
+      smart_routing_enabled: true,
+      suspicious_route: '/security/verify',
+      bot_route: '/api/bot'
+    },
+    
+    # Rate limiting settings
+    rate_limiting: {
+      window_size: 3600, # 1 hour
+      max_requests: 1000,
+      block_duration: 3600,
+      cleanup_interval: 300
+    },
+    
+    # Anomaly detection settings
+    anomaly_detection: {
+      baseline_window: 86400, # 24 hours
+      anomaly_threshold: 2.0, # z-score threshold
+      min_requests: 10,
+      learning_rate: 0.1
+    }
+
+  # Routes for demonstration
+  routes.draw do
+    # Main application routes
+    root 'home#index'
+    
+    # API endpoints that will be analyzed by AI
+    namespace :api do
+      namespace :v1 do
+        resources :users, only: [:index, :show, :create, :update]
+        resources :posts, only: [:index, :show, :create, :update, :destroy]
+        resources :comments, only: [:create, :update, :destroy]
+      end
+    end
+    
+    # Admin routes (high security)
+    namespace :admin do
+      resources :users
+      resources :settings
+      get 'dashboard', to: 'dashboard#index'
+    end
+    
+    # Security routes (used by AI routing)
+    namespace :security do
+      get 'verify', to: 'verification#show'
+      post 'verify', to: 'verification#create'
+      get 'blocked', to: 'blocked#show'
+    end
+    
+    # Health check endpoint (skipped by AI processing)
+    get 'health', to: 'health#check'
+    
+    # AI analysis endpoints
+    namespace :ai do
+      get 'status', to: 'status#show'
+      get 'metrics', to: 'metrics#index'
+      get 'logs', to: 'logs#index'
+    end
+  end
+end
+
+# Controllers
+class ApplicationController < ActionController::Base
+  protect_from_forgery with: :exception
+  
+  # Access AI analysis results in controllers
+  before_action :check_ai_analysis
+  
+  private
+  
+  def check_ai_analysis
+    @ai_results = request.env['rack.ai']
+    
+    # Log AI decisions for monitoring
+    if @ai_results && @ai_results[:results]
+      Rails.logger.info "AI Analysis: #{@ai_results[:results].inspect}"
+      
+      # Handle high-risk requests
+      if high_risk_request?
+        Rails.logger.warn "High risk request detected: #{request.path}"
+        # Additional security measures could be implemented here
+      end
+    end
+  end
+  
+  def high_risk_request?
+    return false unless @ai_results&.dig(:results)
+    
+    classification = @ai_results[:results][:classification]
+    security = @ai_results[:results][:security]
+    
+    (classification && classification[:classification] == :suspicious && classification[:confidence] > 0.8) ||
+    (security && security[:threat_level] == :high)
+  end
+end
+
+class HomeController < ApplicationController
+  def index
+    @ai_status = @ai_results ? 'Active' : 'Inactive'
+    @request_classification = @ai_results&.dig(:results, :classification, :classification)
+    @security_level = @ai_results&.dig(:results, :security, :threat_level)
+    
+    render json: {
+      message: 'Welcome to Rails + Rack::AI Demo',
+      ai_status: @ai_status,
+      classification: @request_classification,
+      security_level: @security_level,
+      timestamp: Time.current.iso8601
+    }
+  end
+end
+
+class Api::V1::BaseController < ApplicationController
+  # API-specific AI handling
+  before_action :validate_api_request
+  
+  private
+  
+  def validate_api_request
+    if @ai_results&.dig(:results, :rate_limiting, :blocked)
+      render json: { 
+        error: 'Rate limit exceeded',
+        retry_after: @ai_results[:results][:rate_limiting][:retry_after]
+      }, status: 429
+      return
+    end
+    
+    if @ai_results&.dig(:results, :classification, :classification) == :spam
+      render json: { error: 'Request classified as spam' }, status: 403
+      return
+    end
+  end
+end
+
+class Api::V1::UsersController < Api::V1::BaseController
+  def index
+    # Simulate user data with AI enhancement
+    users = [
+      { id: 1, name: 'John Doe', email: 'john@example.com' },
+      { id: 2, name: 'Jane Smith', email: 'jane@example.com' }
+    ]
+    
+    # AI enhancement could improve API responses
+    enhanced = @ai_results&.dig(:results, :enhancement, :enhancement_applied)
+    
+    render json: {
+      users: users,
+      meta: {
+        total: users.length,
+        ai_enhanced: enhanced || false,
+        classification: @ai_results&.dig(:results, :classification, :classification)
+      }
+    }
+  end
+  
+  def show
+    user_id = params[:id]
+    
+    # Simulate anomaly detection for unusual access patterns
+    anomaly_detected = @ai_results&.dig(:results, :anomaly_detection, :risk_score)&.> 0.8
+    
+    if anomaly_detected
+      Rails.logger.warn "Anomalous access pattern detected for user #{user_id}"
+    end
+    
+    render json: {
+      id: user_id,
+      name: "User #{user_id}",
+      email: "user#{user_id}@example.com",
+      anomaly_detected: anomaly_detected
+    }
+  end
+  
+  def create
+    # AI moderation for user-generated content
+    moderation_result = @ai_results&.dig(:results, :moderation)
+    
+    if moderation_result&.dig(:flagged)
+      render json: {
+        error: 'Content violates community guidelines',
+        categories: moderation_result[:categories]
+      }, status: 422
+      return
+    end
+    
+    render json: {
+      message: 'User created successfully',
+      moderation_passed: true
+    }, status: 201
+  end
+end
+
+class SecurityController < ApplicationController
+  def verify
+    render json: {
+      message: 'Security verification required',
+      reason: params[:reason] || 'suspicious_activity',
+      instructions: 'Please complete the verification process'
+    }
+  end
+  
+  def blocked
+    render json: {
+      message: 'Access blocked',
+      reason: 'security_violation',
+      contact: 'security@example.com'
+    }, status: 403
+  end
+end
+
+class HealthController < ApplicationController
+  def check
+    render json: {
+      status: 'ok',
+      timestamp: Time.current.iso8601,
+      ai_middleware: 'active'
+    }
+  end
+end
+
+class Ai::StatusController < ApplicationController
+  def show
+    render json: {
+      ai_middleware: {
+        active: @ai_results.present?,
+        features: @ai_results&.dig(:results)&.keys || [],
+        processing_time: @ai_results&.dig(:processing_time),
+        provider: @ai_results&.dig(:provider)
+      },
+      request_analysis: @ai_results&.dig(:results) || {}
+    }
+  end
+end
+
+class Ai::MetricsController < ApplicationController
+  def index
+    # In a real application, this would fetch metrics from storage
+    render json: {
+      total_requests: 1500,
+      classifications: {
+        human: 1200,
+        bot: 200,
+        suspicious: 80,
+        spam: 20
+      },
+      security_threats: {
+        low: 1400,
+        medium: 80,
+        high: 20
+      },
+      rate_limiting: {
+        blocked_requests: 45,
+        current_limits: 1000
+      },
+      anomalies_detected: 12,
+      cache_hit_rate: 0.78
+    }
+  end
+end
+
+# Initialize and run the application
+if __FILE__ == $0
+  # Set up environment
+  ENV['RAILS_ENV'] ||= 'development'
+  
+  # Initialize Rails application
+  app = RailsAiIntegrationApp.new
+  app.initialize!
+  
+  puts "🚀 Rails + Rack::AI Advanced Integration Demo"
+  puts "📊 Features enabled: Classification, Security, Moderation, Caching, Routing, Logging, Enhancement, Rate Limiting, Anomaly Detection"
+  puts "🔗 Available endpoints:"
+  puts "  GET  /                     - Home page with AI status"
+  puts "  GET  /api/v1/users         - Users API (with AI analysis)"
+  puts "  GET  /api/v1/users/:id     - User details (with anomaly detection)"
+  puts "  POST /api/v1/users         - Create user (with content moderation)"
+  puts "  GET  /admin/dashboard      - Admin area (high security)"
+  puts "  GET  /security/verify      - Security verification page"
+  puts "  GET  /health               - Health check (AI processing skipped)"
+  puts "  GET  /ai/status            - AI middleware status"
+  puts "  GET  /ai/metrics           - AI analysis metrics"
+  puts ""
+  puts "🔧 Configuration:"
+  puts "  - Set OPENAI_API_KEY environment variable for full functionality"
+  puts "  - Set REDIS_URL for caching features (optional)"
+  puts "  - All features are enabled with production-ready settings"
+  puts ""
+  puts "📝 Testing suggestions:"
+  puts "  - Try different User-Agent strings to trigger bot detection"
+  puts "  - Make rapid requests to test rate limiting"
+  puts "  - Send suspicious payloads to test security features"
+  puts "  - Access admin routes to see enhanced security analysis"
+  
+  # Start the server
+  require 'rack'
+  Rack::Handler::WEBrick.run(app, Port: 3000, Host: '0.0.0.0')
+end

data/examples/sinatra_microservice.rb

@@ -0,0 +1,431 @@
+# frozen_string_literal: true
+
+# Sinatra Microservice Example with Rack::AI
+# This example demonstrates how to build a secure microservice using Sinatra and Rack::AI
+# with comprehensive AI-powered security, monitoring, and optimization features.
+
+require 'sinatra/base'
+require 'json'
+require 'rack/ai'
+
+class SecureMicroservice < Sinatra::Base
+  # Configure Rack::AI middleware with security-focused settings
+  use Rack::AI::Middleware,
+    provider: :openai,
+    api_key: ENV['OPENAI_API_KEY'] || 'demo-key',
+    features: [:classification, :security, :rate_limiting, :anomaly_detection, :logging],
+    fail_safe: true,
+    async_processing: false, # Synchronous for microservice reliability
+    sanitize_logs: true,
+    explain_decisions: true,
+    
+    # Strict security settings for microservice
+    classification: {
+      confidence_threshold: 0.7,
+      categories: [:human, :bot, :spam, :suspicious, :malicious]
+    },
+    
+    security: {
+      injection_detection: true,
+      anomaly_threshold: 0.6,
+      block_suspicious: true
+    },
+    
+    # Aggressive rate limiting for API protection
+    rate_limiting: {
+      window_size: 300, # 5 minutes
+      max_requests: 100,
+      block_duration: 900, # 15 minutes
+      cleanup_interval: 60
+    },
+    
+    # Sensitive anomaly detection
+    anomaly_detection: {
+      baseline_window: 3600, # 1 hour
+      anomaly_threshold: 1.5, # Lower threshold for microservice
+      min_requests: 5,
+      learning_rate: 0.2
+    }
+
+  # Enable JSON parsing
+  set :protection, except: [:json_csrf]
+  
+  # Helper methods for AI analysis
+  helpers do
+    def ai_results
+      @ai_results ||= request.env['rack.ai']
+    end
+    
+    def ai_classification
+      ai_results&.dig(:results, :classification)
+    end
+    
+    def ai_security
+      ai_results&.dig(:results, :security)
+    end
+    
+    def ai_rate_limiting
+      ai_results&.dig(:results, :rate_limiting)
+    end
+    
+    def ai_anomaly
+      ai_results&.dig(:results, :anomaly_detection)
+    end
+    
+    def request_blocked?
+      ai_rate_limiting&.dig(:blocked) || 
+      ai_security&.dig(:threat_level) == :high ||
+      ai_classification&.dig(:classification) == :malicious
+    end
+    
+    def suspicious_request?
+      ai_classification&.dig(:classification) == :suspicious ||
+      ai_security&.dig(:threat_level) == :medium ||
+      ai_anomaly&.dig(:risk_score)&.> 0.7
+    end
+    
+    def log_request_analysis
+      return unless ai_results
+      
+      logger.info "AI Analysis: #{ai_results[:results].keys.join(', ')}"
+      
+      if request_blocked?
+        logger.warn "Request blocked: #{request.path_info}"
+      elsif suspicious_request?
+        logger.warn "Suspicious request: #{request.path_info}"
+      end
+    end
+    
+    def security_headers
+      {
+        'X-AI-Classification' => ai_classification&.dig(:classification)&.to_s,
+        'X-AI-Security-Level' => ai_security&.dig(:threat_level)&.to_s,
+        'X-AI-Risk-Score' => ai_anomaly&.dig(:risk_score)&.to_s,
+        'X-Content-Type-Options' => 'nosniff',
+        'X-Frame-Options' => 'DENY',
+        'X-XSS-Protection' => '1; mode=block'
+      }.compact
+    end
+  end
+  
+  # Before filter for security checks
+  before do
+    content_type :json
+    log_request_analysis
+    
+    # Block malicious requests immediately
+    if request_blocked?
+      halt 403, security_headers, {
+        error: 'Request blocked by AI security system',
+        reason: determine_block_reason,
+        timestamp: Time.now.iso8601
+      }.to_json
+    end
+    
+    # Add security headers to all responses
+    headers security_headers
+  end
+  
+  # Health check endpoint (bypasses AI processing)
+  get '/health' do
+    {
+      status: 'healthy',
+      service: 'secure-microservice',
+      timestamp: Time.now.iso8601,
+      ai_middleware: ai_results ? 'active' : 'inactive'
+    }.to_json
+  end
+  
+  # Service status with AI metrics
+  get '/status' do
+    {
+      service: {
+        name: 'secure-microservice',
+        version: '1.0.0',
+        uptime: Process.clock_gettime(Process::CLOCK_MONOTONIC),
+        status: 'operational'
+      },
+      ai: {
+        active: ai_results.present?,
+        provider: ai_results&.dig(:provider),
+        features: ai_results&.dig(:results)&.keys || [],
+        processing_time: ai_results&.dig(:processing_time),
+        classification: ai_classification,
+        security_level: ai_security&.dig(:threat_level),
+        rate_limit_status: ai_rate_limiting,
+        anomaly_score: ai_anomaly&.dig(:risk_score)
+      },
+      timestamp: Time.now.iso8601
+    }.to_json
+  end
+  
+  # User authentication endpoint
+  post '/auth/login' do
+    request.body.rewind
+    data = JSON.parse(request.body.read) rescue {}
+    
+    # AI analysis helps detect credential stuffing attacks
+    if ai_anomaly&.dig(:risk_score)&.> 0.8
+      logger.warn "Potential credential stuffing attack detected"
+      
+      halt 429, {
+        error: 'Too many authentication attempts',
+        retry_after: 300,
+        timestamp: Time.now.iso8601
+      }.to_json
+    end
+    
+    # Simulate authentication logic
+    username = data['username']
+    password = data['password']
+    
+    if username && password && username.length > 3 && password.length > 6
+      token = "secure_token_#{Time.now.to_i}_#{rand(1000)}"
+      
+      {
+        success: true,
+        token: token,
+        expires_at: (Time.now + 3600).iso8601,
+        security_analysis: {
+          classification: ai_classification&.dig(:classification),
+          risk_score: ai_anomaly&.dig(:risk_score) || 0.0
+        }
+      }.to_json
+    else
+      halt 400, {
+        error: 'Invalid credentials format',
+        requirements: {
+          username: 'minimum 4 characters',
+          password: 'minimum 7 characters'
+        }
+      }.to_json
+    end
+  end
+  
+  # Data processing endpoint with content validation
+  post '/data/process' do
+    request.body.rewind
+    raw_data = request.body.read
+    
+    # Check for suspicious content patterns
+    if ai_security&.dig(:injection_detection, :sql_injection_detected)
+      logger.error "SQL injection attempt detected"
+      halt 400, {
+        error: 'Malicious content detected',
+        type: 'sql_injection',
+        timestamp: Time.now.iso8601
+      }.to_json
+    end
+    
+    if ai_security&.dig(:injection_detection, :xss_detected)
+      logger.error "XSS attempt detected"
+      halt 400, {
+        error: 'Malicious content detected',
+        type: 'xss_injection',
+        timestamp: Time.now.iso8601
+      }.to_json
+    end
+    
+    begin
+      data = JSON.parse(raw_data)
+    rescue JSON::ParserError
+      halt 400, {
+        error: 'Invalid JSON format',
+        timestamp: Time.now.iso8601
+      }.to_json
+    end
+    
+    # Process data (simulation)
+    processed_data = {
+      original_size: raw_data.bytesize,
+      processed_at: Time.now.iso8601,
+      items_count: data.is_a?(Array) ? data.length : 1,
+      security_scan: {
+        threats_detected: ai_security&.dig(:injection_detection, :threats) || [],
+        risk_level: ai_security&.dig(:threat_level) || :low,
+        classification: ai_classification&.dig(:classification) || :unknown
+      }
+    }
+    
+    {
+      success: true,
+      result: processed_data,
+      ai_analysis: {
+        processing_safe: ai_security&.dig(:threat_level) != :high,
+        confidence: ai_classification&.dig(:confidence) || 0.0
+      }
+    }.to_json
+  end
+  
+  # Analytics endpoint with anomaly detection
+  get '/analytics/requests' do
+    # Simulate analytics data
+    analytics = {
+      total_requests: 1250,
+      requests_by_classification: {
+        human: 1000,
+        bot: 150,
+        suspicious: 80,
+        spam: 15,
+        malicious: 5
+      },
+      security_events: {
+        blocked_requests: 25,
+        sql_injection_attempts: 8,
+        xss_attempts: 12,
+        rate_limit_violations: 45
+      },
+      anomaly_detection: {
+        anomalies_detected: 18,
+        current_baseline: ai_anomaly&.dig(:baseline_metrics) || {},
+        risk_distribution: {
+          low: 1180,
+          medium: 55,
+          high: 15
+        }
+      },
+      performance: {
+        avg_response_time: 125,
+        ai_processing_time: ai_results&.dig(:processing_time) || 0,
+        cache_hit_rate: 0.72
+      },
+      timestamp: Time.now.iso8601
+    }
+    
+    # Add current request analysis
+    if ai_results
+      analytics[:current_request] = {
+        classification: ai_classification,
+        security: ai_security,
+        anomaly_score: ai_anomaly&.dig(:risk_score)
+      }
+    end
+    
+    analytics.to_json
+  end
+  
+  # File upload endpoint with security scanning
+  post '/upload' do
+    unless params[:file] && params[:file][:tempfile]
+      halt 400, {
+        error: 'No file provided',
+        timestamp: Time.now.iso8601
+      }.to_json
+    end
+    
+    file = params[:file]
+    filename = file[:filename]
+    content = file[:tempfile].read
+    
+    # AI-powered content analysis
+    suspicious_patterns = []
+    
+    if content.include?('<script')
+      suspicious_patterns << 'javascript_code'
+    end
+    
+    if content.match?(/\b(SELECT|INSERT|UPDATE|DELETE|DROP)\b/i)
+      suspicious_patterns << 'sql_statements'
+    end
+    
+    if ai_security&.dig(:threat_level) == :high
+      logger.error "High-risk file upload blocked: #{filename}"
+      halt 403, {
+        error: 'File upload blocked by security system',
+        filename: filename,
+        threats: ai_security[:injection_detection][:threats],
+        timestamp: Time.now.iso8601
+      }.to_json
+    end
+    
+    # Simulate file processing
+    file_info = {
+      filename: filename,
+      size: content.bytesize,
+      content_type: file[:type],
+      uploaded_at: Time.now.iso8601,
+      security_scan: {
+        suspicious_patterns: suspicious_patterns,
+        threat_level: ai_security&.dig(:threat_level) || :low,
+        safe_to_process: suspicious_patterns.empty? && ai_security&.dig(:threat_level) != :high
+      },
+      ai_classification: ai_classification&.dig(:classification)
+    }
+    
+    {
+      success: true,
+      file: file_info,
+      message: suspicious_patterns.empty? ? 'File uploaded successfully' : 'File uploaded with warnings'
+    }.to_json
+  end
+  
+  # Error handlers
+  error 404 do
+    {
+      error: 'Endpoint not found',
+      path: request.path_info,
+      method: request.request_method,
+      timestamp: Time.now.iso8601,
+      ai_classification: ai_classification&.dig(:classification)
+    }.to_json
+  end
+  
+  error 500 do
+    logger.error "Internal server error: #{env['sinatra.error']}"
+    
+    {
+      error: 'Internal server error',
+      timestamp: Time.now.iso8601,
+      request_id: env['HTTP_X_REQUEST_ID'] || SecureRandom.hex(8)
+    }.to_json
+  end
+  
+  private
+  
+  def determine_block_reason
+    reasons = []
+    
+    if ai_rate_limiting&.dig(:blocked)
+      reasons << "rate_limit_exceeded"
+    end
+    
+    if ai_security&.dig(:threat_level) == :high
+      reasons << "high_security_threat"
+    end
+    
+    if ai_classification&.dig(:classification) == :malicious
+      reasons << "malicious_classification"
+    end
+    
+    reasons.join(', ')
+  end
+end
+
+# CLI runner
+if __FILE__ == $0
+  require 'rack'
+  
+  puts "🔒 Secure Microservice with Rack::AI"
+  puts "🛡️  Features: Classification, Security, Rate Limiting, Anomaly Detection, Logging"
+  puts "🔗 Available endpoints:"
+  puts "  GET  /health              - Health check (AI processing bypassed)"
+  puts "  GET  /status              - Service and AI status"
+  puts "  POST /auth/login          - User authentication with anomaly detection"
+  puts "  POST /data/process        - Data processing with injection detection"
+  puts "  GET  /analytics/requests  - Request analytics and security metrics"
+  puts "  POST /upload              - File upload with security scanning"
+  puts ""
+  puts "🔧 Configuration:"
+  puts "  - Set OPENAI_API_KEY for full AI functionality"
+  puts "  - Aggressive security settings for microservice protection"
+  puts "  - Real-time threat detection and blocking"
+  puts ""
+  puts "🧪 Testing commands:"
+  puts "  curl http://localhost:4567/health"
+  puts "  curl http://localhost:4567/status"
+  puts "  curl -X POST http://localhost:4567/auth/login -d '{\"username\":\"test\",\"password\":\"password123\"}' -H 'Content-Type: application/json'"
+  puts "  curl -X POST http://localhost:4567/data/process -d '[{\"id\":1,\"data\":\"test\"}]' -H 'Content-Type: application/json'"
+  puts ""
+  
+  Rack::Handler::WEBrick.run(SecureMicroservice, Port: 4567, Host: '0.0.0.0')
+end

data/lib/rack/ai/configuration.rb

@@ -1,7 +1,8 @@
 # frozen_string_literal: true
 
-require "dry/configurable"
-require "dry/validation"
+require "dry-configurable"
+require "dry-validation"
+require "ostruct"
 
 module Rack
   module AI
@@ -105,45 +106,38 @@ module Rack
         @metrics_enabled = true
         @explain_decisions = false
         
-        # Initialize nested configurations
-        @classification = {
-          confidence_threshold: 0.8,
-          categories: [:spam, :bot, :human, :suspicious]
-        }
-        
-        @moderation = {
-          toxicity_threshold: 0.7,
-          check_response: false,
-          block_on_violation: true
-        }
-        
-        @caching = {
-          predictive_enabled: true,
-          prefetch_threshold: 0.9,
-          redis_url: "redis://localhost:6379"
-        }
-        
-        @routing = {
-          smart_routing_enabled: true,
-          suspicious_route: "/captcha",
-          bot_route: "/api/bot"
-        }
+        # Nested configuration objects with OpenStruct-like behavior
       end
 
       def classification
-        @classification
+        @classification ||= OpenStruct.new(
+          confidence_threshold: 0.8,
+          categories: [:spam, :bot, :human, :suspicious]
+        )
       end
 
       def moderation
-        @moderation
+        @moderation ||= OpenStruct.new(
+          toxicity_threshold: 0.7,
+          check_response: false,
+          block_on_violation: true
+        )
       end
 
       def caching
-        @caching
+        @caching ||= OpenStruct.new(
+          predictive_enabled: true,
+          prefetch_threshold: 0.9,
+          redis_url: "redis://localhost:6379"
+        )
       end
 
       def routing
-        @routing
+        @routing ||= OpenStruct.new(
+          smart_routing_enabled: true,
+          suspicious_route: "/captcha",
+          bot_route: "/api/bot"
+        )
       end
 
       # For compatibility with middleware
@@ -186,11 +180,11 @@ module Rack
 
       def to_h
         {
-          provider: @provider,
-          api_key: @api_key,
-          api_url: @api_url,
-          timeout: @timeout,
-          retries: @retries,
+          provider: provider,
+          api_key: api_key,
+          api_url: api_url,
+          timeout: timeout,
+          retries: retries,
           features: @features,
           fail_safe: @fail_safe,
           async_processing: @async_processing,
@@ -212,16 +206,13 @@ module Rack
       end
 
       def provider_config
-        case @provider
-        when :openai
-          { api_key: @api_key, api_url: @api_url, timeout: @timeout, retries: @retries }
-        when :huggingface
-          { api_key: @api_key, api_url: @api_url, timeout: @timeout, retries: @retries }
-        when :local
-          { api_url: @api_url, timeout: @timeout, retries: @retries }
-        else
-          {}
-        end
+        {
+          provider: provider,
+          api_key: api_key,
+          api_url: api_url,
+          timeout: timeout,
+          retries: retries
+        }
       end
     end
   end

data/lib/rack/ai/middleware.rb

@@ -95,7 +95,7 @@ module Rack
           feature_class.new(@provider, @config)
         end
         
-        Utils::Logger.debug("Built features: #{features.map(&:name)}")
+        Utils::Logger.debug("Built features: #{features.map { |f| f.class.name.split('::').last }}")
         features
       end
 

data/lib/rack/ai/utils/enhanced_logger.rb

@@ -6,7 +6,7 @@ require 'json'
 module Rack
   module AI
     module Utils
-      class EnhancedLogger
+      class AdvancedLogger
         LOG_LEVELS = {
           debug: ::Logger::DEBUG,
           info: ::Logger::INFO,
@@ -123,8 +123,8 @@ module Rack
         end
       end
 
-      # Backward compatibility
-      Logger = EnhancedLogger
+      # Alias for backward compatibility
+      EnhancedLogger = AdvancedLogger
     end
   end
 end

data/lib/rack/ai/utils/logger.rb

@@ -7,45 +7,29 @@ module Rack
   module AI
     module Utils
       class Logger
-        def self.debug(message, context = {})
-          puts "[DEBUG] #{message} #{context}" if ENV['RACK_AI_DEBUG']
-        end
-
-        def self.info(message, context = {})
-          puts "[INFO] #{message} #{context}"
-        end
-
-        def self.warn(message, context = {})
-          puts "[WARN] #{message} #{context}"
-        end
-
-        def self.error(message, context = {})
-          puts "[ERROR] #{message} #{context}"
-        end
-
         class << self
           def logger
             @logger ||= build_logger
           end
 
           def debug(message, metadata = {})
-            log(:debug, message, metadata)
+            puts "[DEBUG] #{message} #{metadata}" if ENV['RACK_AI_DEBUG']
           end
 
           def info(message, metadata = {})
-            log(:info, message, metadata)
+            puts "[INFO] #{message} #{metadata}"
           end
 
           def warn(message, metadata = {})
-            log(:warn, message, metadata)
+            puts "[WARN] #{message} #{metadata}"
           end
 
           def error(message, metadata = {})
-            log(:error, message, metadata)
+            puts "[ERROR] #{message} #{metadata}"
           end
 
           def fatal(message, metadata = {})
-            log(:fatal, message, metadata)
+            puts "[FATAL] #{message} #{metadata}"
           end
 
           private
@@ -122,6 +106,7 @@ module Rack
           end
         end
       end
+
     end
   end
 end

data/lib/rack/ai/version.rb

@@ -2,6 +2,6 @@
 
 module Rack
   module AI
-    VERSION = "0.2.0"
+    VERSION = "0.3.0"
   end
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: rack-ai
 version: !ruby/object:Gem::Version
-  version: 0.2.0
+  version: 0.3.0
 platform: ruby
 authors:
 - Ahmet KAHRAMAN
@@ -243,7 +243,9 @@ files:
 - benchmarks/performance_benchmark.rb
 - examples/comprehensive_example.rb
 - examples/rails_integration.rb
+- examples/rails_integration_advanced.rb
 - examples/sinatra_integration.rb
+- examples/sinatra_microservice.rb
 - lib/rack/ai.rb
 - lib/rack/ai/configuration.rb
 - lib/rack/ai/features/anomaly_detection.rb