aiwaf 0.1.8.5__py3-none-any.whl → 0.1.8.6__py3-none-any.whl

aiwaf/decorators.py

@@ -0,0 +1,28 @@
+from functools import wraps
+from django.utils.decorators import method_decorator
+
+def aiwaf_exempt(view_func):
+    """
+    Decorator to exempt a view from AI-WAF protection.
+    Can be used on function-based views or class-based views.
+    
+    Usage:
+        @aiwaf_exempt
+        def my_view(request):
+            return HttpResponse("This view is exempt from AI-WAF")
+        
+        # Or for class-based views:
+        @method_decorator(aiwaf_exempt, name='dispatch')
+        class MyView(View):
+            pass
+    """
+    @wraps(view_func)
+    def wrapped_view(*args, **kwargs):
+        return view_func(*args, **kwargs)
+    
+    # Mark the view as AI-WAF exempt
+    wrapped_view.aiwaf_exempt = True
+    return wrapped_view
+
+# For class-based views
+aiwaf_exempt_view = method_decorator(aiwaf_exempt, name='dispatch')

aiwaf/middleware.py

@@ -14,37 +14,10 @@ from django.core.cache import cache
 from django.db.models import F
 from django.apps import apps
 from django.urls import get_resolver
-from .trainer import STATIC_KW, STATUS_IDX, is_exempt_path, path_exists_in_django
+from .trainer import STATIC_KW, STATUS_IDX, path_exists_in_django
 from .blacklist_manager import BlacklistManager
 from .models import DynamicKeyword, IPExemption
-def is_ip_exempted(ip):
-    return IPExemption.objects.filter(ip_address=ip).exists()
-
-def is_exempt_path(path):
-    path = path.lower()
-    
-    # Default login paths that should always be exempt
-    default_login_paths = [
-        "/admin/login/",
-        "/admin/",
-        "/login/",
-        "/accounts/login/",
-        "/auth/login/",
-        "/signin/",
-    ]
-    
-    # Check default login paths
-    for login_path in default_login_paths:
-        if path.startswith(login_path):
-            return True
-    
-    # Check user-configured exempt paths
-    exempt_paths = getattr(settings, "AIWAF_EXEMPT_PATHS", [])
-    for exempt in exempt_paths:
-        if path == exempt or path.startswith(exempt.rstrip("/") + "/"):
-            return True
-    
-    return False
+from .utils import is_exempt, get_ip, is_ip_exempted
 
 MODEL_PATH = getattr(
     settings,
@@ -93,7 +66,7 @@ class IPAndKeywordBlockMiddleware:
 
     def __call__(self, request):
         raw_path = request.path.lower()
-        if is_exempt_path(raw_path):
+        if is_exempt(request):
             return self.get_response(request)
         ip = get_ip(request)
         path = raw_path.lstrip("/")
@@ -132,7 +105,7 @@ class RateLimitMiddleware:
         self.get_response = get_response
 
     def __call__(self, request):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return self.get_response(request)
 
         ip = get_ip(request)
@@ -161,7 +134,7 @@ class AIAnomalyMiddleware(MiddlewareMixin):
         self.model = joblib.load(model_path)
 
     def process_request(self, request):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return None
         request._start_time = time.time()
         ip = get_ip(request)
@@ -172,14 +145,14 @@ class AIAnomalyMiddleware(MiddlewareMixin):
         return None
 
     def process_response(self, request, response):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return response
         ip = get_ip(request)
         now = time.time()
         key = f"aiwaf:{ip}"
         data = cache.get(key, [])
         path_len = len(request.path)
-        if not path_exists_in_django(request.path) and not is_exempt_path(request.path):
+        if not path_exists_in_django(request.path) and not is_exempt(request):
             kw_hits = sum(1 for kw in STATIC_KW if kw in request.path.lower())
         else:
             kw_hits = 0
@@ -211,7 +184,7 @@ class HoneypotTimingMiddleware(MiddlewareMixin):
     MIN_FORM_TIME = getattr(settings, "AIWAF_MIN_FORM_TIME", 1.0)  # seconds
     
     def process_request(self, request):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return None
             
         ip = get_ip(request)
@@ -255,7 +228,7 @@ class HoneypotTimingMiddleware(MiddlewareMixin):
 
 class UUIDTamperMiddleware(MiddlewareMixin):
     def process_view(self, request, view_func, view_args, view_kwargs):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return None
         uid = view_kwargs.get("uuid")
         if not uid:

aiwaf/trainer.py

@@ -13,6 +13,7 @@ from sklearn.ensemble import IsolationForest
 from django.conf import settings
 from django.apps import apps
 from django.db.models import F
+from .utils import is_exempt_path
 
 # ─────────── Configuration ───────────
 LOG_PATH   = settings.AIWAF_ACCESS_LOG
@@ -32,31 +33,6 @@ DynamicKeyword = apps.get_model("aiwaf", "DynamicKeyword")
 IPExemption = apps.get_model("aiwaf", "IPExemption")
 
 
-def is_exempt_path(path: str) -> bool:
-    path = path.lower()
-    
-    # Default login paths that should always be exempt
-    default_login_paths = [
-        "/admin/login/",
-        "/admin/",
-        "/login/",
-        "/accounts/login/",
-        "/auth/login/",
-        "/signin/",
-    ]
-    
-    # Check default login paths
-    for login_path in default_login_paths:
-        if path.startswith(login_path):
-            return True
-    
-    # Check user-configured exempt paths
-    for exempt in getattr(settings, "AIWAF_EXEMPT_PATHS", []):
-        if path == exempt or path.startswith(exempt.rstrip("/") + "/"):
-            return True
-    return False
-
-
 def path_exists_in_django(path: str) -> bool:
     from django.urls import get_resolver
     from django.urls.resolvers import URLResolver

aiwaf/utils.py

@@ -3,6 +3,8 @@ import re
 import glob
 import gzip
 from datetime import datetime
+from django.conf import settings
+from .models import IPExemption
 
 _LOG_RX = re.compile(
     r'(\d+\.\d+\.\d+\.\d+).*\[(.*?)\].*"(GET|POST) (.*?) HTTP/.*?" (\d{3}).*?"(.*?)" "(.*?)"'
@@ -47,4 +49,57 @@ def parse_log_line(line):
         "referer": ref,
         "user_agent": ua,
         "response_time": rt
-    }
+    }
+
+def is_ip_exempted(ip):
+    """Check if IP is in exemption list"""
+    return IPExemption.objects.filter(ip_address=ip).exists()
+
+def is_view_exempt(request):
+    """Check if the current view is marked as AI-WAF exempt"""
+    if hasattr(request, 'resolver_match') and request.resolver_match:
+        view_func = request.resolver_match.func
+        
+        # Check if view function has aiwaf_exempt attribute
+        if hasattr(view_func, 'aiwaf_exempt'):
+            return True
+            
+        # For class-based views, check the view class
+        if hasattr(view_func, 'view_class'):
+            view_class = view_func.view_class
+            if hasattr(view_class, 'aiwaf_exempt'):
+                return True
+                
+            # Check dispatch method for method_decorator usage
+            dispatch_method = getattr(view_class, 'dispatch', None)
+            if dispatch_method and hasattr(dispatch_method, 'aiwaf_exempt'):
+                return True
+                
+    return False
+
+def is_exempt_path(path):
+    """Check if path should be exempt from AI-WAF"""
+    path = path.lower()
+    
+    # Default login paths (always exempt)
+    default_exempt = [
+        "/admin/login/", "/admin/", "/login/", "/accounts/login/", 
+        "/auth/login/", "/signin/"
+    ]
+    
+    # Check default exempt paths
+    for exempt_path in default_exempt:
+        if path.startswith(exempt_path):
+            return True
+        
+    # Check configured exempt paths
+    exempt_paths = getattr(settings, "AIWAF_EXEMPT_PATHS", [])
+    for exempt_path in exempt_paths:
+        if path == exempt_path or path.startswith(exempt_path.rstrip("/") + "/"):
+            return True
+    
+    return False
+
+def is_exempt(request):
+    """Check if request should be exempt (either by path or view decorator)"""
+    return is_exempt_path(request.path) or is_view_exempt(request)

{aiwaf-0.1.8.5.dist-info → aiwaf-0.1.8.6.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aiwaf
-Version: 0.1.8.5
+Version: 0.1.8.6
 Summary: AI-powered Web Application Firewall
 Home-page: https://github.com/aayushgauba/aiwaf
 Author: Aayush Gauba
@@ -99,7 +99,26 @@ AIWAF_EXEMPT_PATHS = [
 ]
 ```
 
-All exempt paths are:
+**Exempt Views (Decorator):**
+Use the `@aiwaf_exempt` decorator to exempt specific views from all AI-WAF protection:
+
+```python
+from aiwaf.decorators import aiwaf_exempt
+from django.http import JsonResponse
+
+@aiwaf_exempt
+def my_api_view(request):
+    """This view will be exempt from all AI-WAF protection"""
+    return JsonResponse({"status": "success"})
+
+# Works with class-based views too
+@aiwaf_exempt
+class MyAPIView(View):
+    def get(self, request):
+        return JsonResponse({"method": "GET"})
+```
+
+All exempt paths and views are:
   - Skipped from keyword learning
   - Immune to AI blocking
   - Ignored in log training

{aiwaf-0.1.8.5.dist-info → aiwaf-0.1.8.6.dist-info}/RECORD

@@ -1,11 +1,12 @@
 aiwaf/__init__.py,sha256=nQFpJ1YpX48snzLjEQCf8zD2YNh8v0b_kPTrXx8uBYc,46
 aiwaf/apps.py,sha256=nCez-Ptlv2kaEk5HenA8b1pATz1VfhrHP1344gwcY1A,142
 aiwaf/blacklist_manager.py,sha256=sM6uTH7zD6MOPGb0kzqV2aFut2vxKgft_UVeRJr7klw,392
-aiwaf/middleware.py,sha256=GmN9R6z1wx1g4coMoixGK_b3i4dwI5z0xBAIu4I7CoQ,10477
+aiwaf/decorators.py,sha256=IUKOdM_gdroffImRZep1g1wT6gNqD10zGwcp28hsJCs,825
+aiwaf/middleware.py,sha256=eMad-wvQWALkH2nIhjssU9Y-AqFleP3Gm0lRu3qE0Bw,9679
 aiwaf/models.py,sha256=XaG1pd_oZu3y-fw66u4wblGlWcUY9gvsTNKGD0kQk7Y,1672
 aiwaf/storage.py,sha256=bxCILzzvA1-q6nwclRE8WrfoRhe25H4VrsQDf0hl_lY,1903
-aiwaf/trainer.py,sha256=eJOHuJgIyqUIqmbYwnMWoR4fQQ8miTn64ASXMmShgI8,9120
-aiwaf/utils.py,sha256=RkEUWhhHy6tOk7V0UYv3cN4xhOR_7aBy9bjhwuV2cdA,1436
+aiwaf/trainer.py,sha256=R00q_QQ1o2UmdIWMWNh847BGBrnI6j-hfjNalojfnhU,8494
+aiwaf/utils.py,sha256=s-rtUrWQFVv-nuGxe2hz5-LLvB6TbZXKj6do46DwrkA,3376
 aiwaf/management/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 aiwaf/management/commands/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 aiwaf/management/commands/add_ipexemption.py,sha256=LWN21_ydqSjU3_hUnkou4Ciyrk_479zLvcKdWm8hkC0,988
@@ -14,8 +15,8 @@ aiwaf/management/commands/detect_and_train.py,sha256=-o-LZ7QZ5GeJPCekryox1DGXKMm
 aiwaf/resources/model.pkl,sha256=5t6h9BX8yoh2xct85MXOO60jdlWyg1APskUOW0jZE1Y,1288265
 aiwaf/templatetags/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 aiwaf/templatetags/aiwaf_tags.py,sha256=XXfb7Tl4DjU3Sc40GbqdaqOEtKTUKELBEk58u83wBNw,357
-aiwaf-0.1.8.5.dist-info/licenses/LICENSE,sha256=Ir8PX4dxgAcdB0wqNPIkw84fzIIRKE75NoUil9RX0QU,1069
-aiwaf-0.1.8.5.dist-info/METADATA,sha256=ef023TmhChIqMkNwTgEsyPODvDs44q9SXmQCYjxzoBs,7435
-aiwaf-0.1.8.5.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-aiwaf-0.1.8.5.dist-info/top_level.txt,sha256=kU6EyjobT6UPCxuWpI_BvcHDG0I2tMgKaPlWzVxe2xI,6
-aiwaf-0.1.8.5.dist-info/RECORD,,
+aiwaf-0.1.8.6.dist-info/licenses/LICENSE,sha256=Ir8PX4dxgAcdB0wqNPIkw84fzIIRKE75NoUil9RX0QU,1069
+aiwaf-0.1.8.6.dist-info/METADATA,sha256=s6gux1GQJsbvphRXyVkVPm63_bVWIXcJcagWtBSlgpE,7955
+aiwaf-0.1.8.6.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+aiwaf-0.1.8.6.dist-info/top_level.txt,sha256=kU6EyjobT6UPCxuWpI_BvcHDG0I2tMgKaPlWzVxe2xI,6
+aiwaf-0.1.8.6.dist-info/RECORD,,