GuardianUnivalle-Benito-Yucra 0.1.7__py3-none-any.whl → 0.1.8__py3-none-any.whl

GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py

@@ -1,10 +1,19 @@
 import re
 import json
 import time
+import logging
 from typing import Tuple
 from django.http import JsonResponse
 from django.utils.deprecation import MiddlewareMixin
 
+# ---------- Configuración de logging ----------
+logger = logging.getLogger("sqlidefense")
+logger.setLevel(logging.INFO)
+handler = logging.StreamHandler()  # Por consola; en producción puede ser FileHandler
+formatter = logging.Formatter("%(asctime)s - %(levelname)s - %(message)s")
+handler.setFormatter(formatter)
+logger.addHandler(handler)
+
 # ---------- Patrones de ataques SQL ----------
 PATTERNS = [
     (
@@ -39,9 +48,11 @@ BLOCK_DURATION = 30  # segundos
 def extract_payload_text(request) -> str:
     """Extrae todo el contenido que podría contener inyecciones"""
     parts = []
+
     # Query params
     if request.META.get("QUERY_STRING"):
         parts.append(request.META.get("QUERY_STRING"))
+
     # Body
     try:
         content_type = request.META.get("CONTENT_TYPE", "")
@@ -52,9 +63,11 @@ def extract_payload_text(request) -> str:
             parts.append(request.body.decode("utf-8", errors="ignore"))
     except Exception:
         pass
+
     # Headers
     parts.append(request.META.get("HTTP_USER_AGENT", ""))
     parts.append(request.META.get("HTTP_REFERER", ""))
+
     return " ".join([p for p in parts if p])
 
 
@@ -71,9 +84,9 @@ def get_client_ip(request):
     """Obtiene la IP del cliente"""
     x_forwarded_for = request.META.get("HTTP_X_FORWARDED_FOR")
     if x_forwarded_for:
-        ip = x_forwarded_for.split(",")[0]
+        ip = x_forwarded_for.split(",")[0].strip()
     else:
-        ip = request.META.get("REMOTE_ADDR")
+        ip = request.META.get("REMOTE_ADDR", "0.0.0.0")
     return ip
 
 
@@ -85,6 +98,7 @@ class SQLIDefenseStrongMiddleware(MiddlewareMixin):
         # Revisa si la IP está temporalmente bloqueada
         if client_ip in TEMP_BLOCK:
             if time.time() - TEMP_BLOCK[client_ip] < BLOCK_DURATION:
+                logger.warning(f"IP bloqueada temporalmente: {client_ip}")
                 return JsonResponse(
                     {
                         "detail": "Acceso temporalmente bloqueado por actividad sospechosa",
@@ -103,15 +117,11 @@ class SQLIDefenseStrongMiddleware(MiddlewareMixin):
         if flagged:
             # Bloquea temporalmente la IP
             TEMP_BLOCK[client_ip] = time.time()
-            # <-- Aquí puedes agregar la impresión o el log -->
-            print("IP detectada:", client_ip)
-            # O usando logging
-            import logging
-
-            logger = logging.getLogger(__name__)
+            # Logging profesional
             logger.warning(
-                f"Intento de ataque detectado desde IP: {client_ip}, detalles: {matches}"
+                f"Intento de ataque detectado desde IP: {client_ip}, detalles: {matches}, payload: {text}"
             )
+
             return JsonResponse(
                 {
                     "detail": "Request bloqueado: posible intento de inyección SQL detectado",
@@ -119,4 +129,5 @@ class SQLIDefenseStrongMiddleware(MiddlewareMixin):
                 },
                 status=403,
             )
+
         return None

{guardianunivalle_benito_yucra-0.1.7.dist-info → guardianunivalle_benito_yucra-0.1.8.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: GuardianUnivalle-Benito-Yucra
-Version: 0.1.7
+Version: 0.1.8
 Summary: Middleware y detectores de seguridad (SQLi, XSS, CSRF, DoS, Keylogger) para Django/Flask
 Author-email: Andres Benito Calle Yucra <benitoandrescalle035@gmail.com>
 License: MIT

{guardianunivalle_benito_yucra-0.1.7.dist-info → guardianunivalle_benito_yucra-0.1.8.dist-info}/RECORD

@@ -7,14 +7,14 @@ GuardianUnivalle_Benito_Yucra/criptografia/kdf.py,sha256=_sbepEY1qHEKga0ExrX2WRg
 GuardianUnivalle_Benito_Yucra/detectores/detector_csrf.py,sha256=EAYfLkHuxGC5rXSu4mZJ4yZDCbwBpTX8xZWGKz7i5wA,692
 GuardianUnivalle_Benito_Yucra/detectores/detector_dos.py,sha256=lMWmCw6nccCEnek53nVjpoBCeiBqLdrSXxqRuI7VP2I,696
 GuardianUnivalle_Benito_Yucra/detectores/detector_keylogger.py,sha256=rEDG-Q_R56OsG2ypfHVBK7erolYjdvATnAxB3yvPXts,729
-GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py,sha256=A2zbd43LTxdYw31UsLdvpD4b7KTd-NHqo7cerRrpD-w,4067
+GuardianUnivalle_Benito_Yucra/detectores/detector_sql.py,sha256=subkuneu8eXinhKL3jKPdo3bNmrOTkvvZaWWY_BUgbg,4368
 GuardianUnivalle_Benito_Yucra/detectores/detector_xss.py,sha256=66V_xuxNOZEwluvWOT4-6pk5MJ3zWE1IwcVkBl7MZSg,719
 GuardianUnivalle_Benito_Yucra/middleware_web/middleware_web.py,sha256=23pLLYqliUoMrIC6ZEwz3hKXeDjWfHSm9vYPWGmDDik,495
 GuardianUnivalle_Benito_Yucra/mitigacion/limitador_peticion.py,sha256=ipMOebYhql-6mSyHs0ddYXOcXq9w8P_IXLlpiIqGncw,246
 GuardianUnivalle_Benito_Yucra/mitigacion/lista_bloqueo.py,sha256=6AYWII4mrmwCLHCvGTyoBxR4Oasr4raSHpFbVjqn7d8,193
 GuardianUnivalle_Benito_Yucra/puntuacion/puntuacion_amenaza.py,sha256=Wx5XfcII4oweLvZsTBEJ7kUc9pMpP5-36RfI5C5KJXo,561
-guardianunivalle_benito_yucra-0.1.7.dist-info/licenses/LICENSE,sha256=5e4IdL542v1E8Ft0A24GZjrxZeTsVK7XrS3mZEUhPtM,37
-guardianunivalle_benito_yucra-0.1.7.dist-info/METADATA,sha256=nHB-xrwVo5baOB8OlzIOTTs343O_hwIMO68M3tFC5yA,1892
-guardianunivalle_benito_yucra-0.1.7.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-guardianunivalle_benito_yucra-0.1.7.dist-info/top_level.txt,sha256=HTWfZM64WAV_QYr5cnXnLuabQt92dvlxqlR3pCwpbDQ,30
-guardianunivalle_benito_yucra-0.1.7.dist-info/RECORD,,
+guardianunivalle_benito_yucra-0.1.8.dist-info/licenses/LICENSE,sha256=5e4IdL542v1E8Ft0A24GZjrxZeTsVK7XrS3mZEUhPtM,37
+guardianunivalle_benito_yucra-0.1.8.dist-info/METADATA,sha256=YgoyLWRreSyNHLPx-oinGqAknNtwgZhBLhyfo5nqkIM,1892
+guardianunivalle_benito_yucra-0.1.8.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+guardianunivalle_benito_yucra-0.1.8.dist-info/top_level.txt,sha256=HTWfZM64WAV_QYr5cnXnLuabQt92dvlxqlR3pCwpbDQ,30
+guardianunivalle_benito_yucra-0.1.8.dist-info/RECORD,,