aiwaf 0.1.8.5__py3-none-any.whl → 0.1.8.7__py3-none-any.whl

aiwaf/blacklist_manager.py

@@ -1,14 +1,24 @@
-from .models import BlacklistEntry
+# aiwaf/blacklist_manager.py
+
+from .storage import get_blacklist_store
 
 class BlacklistManager:
     @staticmethod
     def block(ip, reason):
-        BlacklistEntry.objects.get_or_create(ip_address=ip, defaults={"reason": reason})
+        store = get_blacklist_store()
+        store.add_ip(ip, reason)
 
     @staticmethod
     def is_blocked(ip):
-        return BlacklistEntry.objects.filter(ip_address=ip).exists()
+        store = get_blacklist_store()
+        return store.is_blocked(ip)
 
     @staticmethod
     def all_blocked():
-        return BlacklistEntry.objects.all()
+        store = get_blacklist_store()
+        return store.get_all()
+    
+    @staticmethod
+    def unblock(ip):
+        store = get_blacklist_store()
+        store.remove_ip(ip)

aiwaf/decorators.py

@@ -0,0 +1,28 @@
+from functools import wraps
+from django.utils.decorators import method_decorator
+
+def aiwaf_exempt(view_func):
+    """
+    Decorator to exempt a view from AI-WAF protection.
+    Can be used on function-based views or class-based views.
+    
+    Usage:
+        @aiwaf_exempt
+        def my_view(request):
+            return HttpResponse("This view is exempt from AI-WAF")
+        
+        # Or for class-based views:
+        @method_decorator(aiwaf_exempt, name='dispatch')
+        class MyView(View):
+            pass
+    """
+    @wraps(view_func)
+    def wrapped_view(*args, **kwargs):
+        return view_func(*args, **kwargs)
+    
+    # Mark the view as AI-WAF exempt
+    wrapped_view.aiwaf_exempt = True
+    return wrapped_view
+
+# For class-based views
+aiwaf_exempt_view = method_decorator(aiwaf_exempt, name='dispatch')

aiwaf/management/commands/add_ipexemption.py

@@ -1,5 +1,5 @@
 from django.core.management.base import BaseCommand, CommandError
-from aiwaf.models import IPExemption
+from aiwaf.storage import get_exemption_store
 
 class Command(BaseCommand):
     help = 'Add an IP address to the IPExemption list (prevents blacklisting)'
@@ -11,12 +11,13 @@ class Command(BaseCommand):
     def handle(self, *args, **options):
         ip = options['ip']
         reason = options['reason']
-        obj, created = IPExemption.objects.get_or_create(ip_address=ip, defaults={'reason': reason})
-        if not created:
+        
+        store = get_exemption_store()
+        
+        if store.is_exempted(ip):
             self.stdout.write(self.style.WARNING(f'IP {ip} is already exempted.'))
         else:
+            store.add_ip(ip, reason)
             self.stdout.write(self.style.SUCCESS(f'IP {ip} added to exemption list.'))
-        if reason:
-            obj.reason = reason
-            obj.save()
-            self.stdout.write(self.style.SUCCESS(f'Reason set to: {reason}'))
+            if reason:
+                self.stdout.write(self.style.SUCCESS(f'Reason: {reason}'))

aiwaf/management/commands/aiwaf_reset.py

@@ -1,5 +1,5 @@
 from django.core.management.base import BaseCommand
-from aiwaf.models import BlacklistEntry, IPExemption
+from aiwaf.storage import get_blacklist_store, get_exemption_store
 
 class Command(BaseCommand):
     help = 'Reset AI-WAF by clearing all blacklist and exemption (whitelist) entries'
@@ -26,9 +26,12 @@ class Command(BaseCommand):
         exemptions_only = options['exemptions_only']
         confirm = options['confirm']
         
+        blacklist_store = get_blacklist_store()
+        exemption_store = get_exemption_store()
+        
         # Count current entries
-        blacklist_count = BlacklistEntry.objects.count()
-        exemption_count = IPExemption.objects.count()
+        blacklist_count = len(blacklist_store.get_all())
+        exemption_count = len(exemption_store.get_all())
         
         if blacklist_only and exemptions_only:
             self.stdout.write(self.style.ERROR('Cannot use both --blacklist-only and --exemptions-only flags'))
@@ -61,10 +64,18 @@ class Command(BaseCommand):
         deleted_counts = {'blacklist': 0, 'exemptions': 0}
         
         if clear_blacklist:
-            deleted_counts['blacklist'], _ = BlacklistEntry.objects.all().delete()
+            # Clear blacklist entries
+            blacklist_entries = blacklist_store.get_all()
+            for entry in blacklist_entries:
+                blacklist_store.remove_ip(entry['ip_address'])
+            deleted_counts['blacklist'] = len(blacklist_entries)
         
         if clear_exemptions:
-            deleted_counts['exemptions'], _ = IPExemption.objects.all().delete()
+            # Clear exemption entries
+            exemption_entries = exemption_store.get_all()
+            for entry in exemption_entries:
+                exemption_store.remove_ip(entry['ip_address'])
+            deleted_counts['exemptions'] = len(exemption_entries)
         
         # Report results
         if clear_blacklist and clear_exemptions:

aiwaf/middleware.py

@@ -14,37 +14,11 @@ from django.core.cache import cache
 from django.db.models import F
 from django.apps import apps
 from django.urls import get_resolver
-from .trainer import STATIC_KW, STATUS_IDX, is_exempt_path, path_exists_in_django
+from .trainer import STATIC_KW, STATUS_IDX, path_exists_in_django
 from .blacklist_manager import BlacklistManager
-from .models import DynamicKeyword, IPExemption
-def is_ip_exempted(ip):
-    return IPExemption.objects.filter(ip_address=ip).exists()
-
-def is_exempt_path(path):
-    path = path.lower()
-    
-    # Default login paths that should always be exempt
-    default_login_paths = [
-        "/admin/login/",
-        "/admin/",
-        "/login/",
-        "/accounts/login/",
-        "/auth/login/",
-        "/signin/",
-    ]
-    
-    # Check default login paths
-    for login_path in default_login_paths:
-        if path.startswith(login_path):
-            return True
-    
-    # Check user-configured exempt paths
-    exempt_paths = getattr(settings, "AIWAF_EXEMPT_PATHS", [])
-    for exempt in exempt_paths:
-        if path == exempt or path.startswith(exempt.rstrip("/") + "/"):
-            return True
-    
-    return False
+from .models import IPExemption
+from .utils import is_exempt, get_ip, is_ip_exempted
+from .storage import get_keyword_store
 
 MODEL_PATH = getattr(
     settings,
@@ -93,7 +67,7 @@ class IPAndKeywordBlockMiddleware:
 
     def __call__(self, request):
         raw_path = request.path.lower()
-        if is_exempt_path(raw_path):
+        if is_exempt(request):
             return self.get_response(request)
         ip = get_ip(request)
         path = raw_path.lstrip("/")
@@ -101,15 +75,14 @@ class IPAndKeywordBlockMiddleware:
             return self.get_response(request)
         if BlacklistManager.is_blocked(ip):
             return JsonResponse({"error": "blocked"}, status=403)
+        
+        keyword_store = get_keyword_store()
         segments = [seg for seg in re.split(r"\W+", path) if len(seg) > 3]
+        
         for seg in segments:
-            obj, _ = DynamicKeyword.objects.get_or_create(keyword=seg)
-            DynamicKeyword.objects.filter(pk=obj.pk).update(count=F("count") + 1)
-        dynamic_top = list(
-            DynamicKeyword.objects
-            .order_by("-count")
-            .values_list("keyword", flat=True)[: getattr(settings, "AIWAF_DYNAMIC_TOP_N", 10)]
-        )
+            keyword_store.add_keyword(seg)
+            
+        dynamic_top = keyword_store.get_top_keywords(getattr(settings, "AIWAF_DYNAMIC_TOP_N", 10))
         all_kw = set(STATIC_KW) | set(dynamic_top)
         suspicious_kw = {
             kw for kw in all_kw
@@ -132,7 +105,7 @@ class RateLimitMiddleware:
         self.get_response = get_response
 
     def __call__(self, request):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return self.get_response(request)
 
         ip = get_ip(request)
@@ -161,7 +134,7 @@ class AIAnomalyMiddleware(MiddlewareMixin):
         self.model = joblib.load(model_path)
 
     def process_request(self, request):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return None
         request._start_time = time.time()
         ip = get_ip(request)
@@ -172,14 +145,14 @@ class AIAnomalyMiddleware(MiddlewareMixin):
         return None
 
     def process_response(self, request, response):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return response
         ip = get_ip(request)
         now = time.time()
         key = f"aiwaf:{ip}"
         data = cache.get(key, [])
         path_len = len(request.path)
-        if not path_exists_in_django(request.path) and not is_exempt_path(request.path):
+        if not path_exists_in_django(request.path) and not is_exempt(request):
             kw_hits = sum(1 for kw in STATIC_KW if kw in request.path.lower())
         else:
             kw_hits = 0
@@ -199,10 +172,11 @@ class AIAnomalyMiddleware(MiddlewareMixin):
         data.append((now, request.path, response.status_code, resp_time))
         data = [d for d in data if now - d[0] < self.WINDOW]
         cache.set(key, data, timeout=self.WINDOW)
+        
+        keyword_store = get_keyword_store()
         for seg in re.split(r"\W+", request.path.lower()):
             if len(seg) > 3:
-                obj, _ = DynamicKeyword.objects.get_or_create(keyword=seg)
-                DynamicKeyword.objects.filter(pk=obj.pk).update(count=F("count") + 1)
+                keyword_store.add_keyword(seg)
 
         return response
 
@@ -211,7 +185,7 @@ class HoneypotTimingMiddleware(MiddlewareMixin):
     MIN_FORM_TIME = getattr(settings, "AIWAF_MIN_FORM_TIME", 1.0)  # seconds
     
     def process_request(self, request):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return None
             
         ip = get_ip(request)
@@ -255,7 +229,7 @@ class HoneypotTimingMiddleware(MiddlewareMixin):
 
 class UUIDTamperMiddleware(MiddlewareMixin):
     def process_view(self, request, view_func, view_args, view_kwargs):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return None
         uid = view_kwargs.get("uuid")
         if not uid:

aiwaf/storage.py

@@ -2,19 +2,33 @@ import os, csv, gzip, glob
 import numpy as np
 import pandas as pd
 from django.conf import settings
-from .models import FeatureSample
+from django.utils import timezone
+from .models import FeatureSample, BlacklistEntry, IPExemption, DynamicKeyword
+
+# Configuration
+STORAGE_MODE = getattr(settings, "AIWAF_STORAGE_MODE", "models")  # "models" or "csv"
+CSV_DATA_DIR = getattr(settings, "AIWAF_CSV_DATA_DIR", "aiwaf_data")
+FEATURE_CSV = getattr(settings, "AIWAF_CSV_PATH", os.path.join(CSV_DATA_DIR, "access_samples.csv"))
+BLACKLIST_CSV = os.path.join(CSV_DATA_DIR, "blacklist.csv")
+EXEMPTION_CSV = os.path.join(CSV_DATA_DIR, "exemptions.csv") 
+KEYWORDS_CSV = os.path.join(CSV_DATA_DIR, "keywords.csv")
 
-DATA_FILE  = getattr(settings, "AIWAF_CSV_PATH", "access_samples.csv")
 CSV_HEADER = [
     "ip","path_len","kw_hits","resp_time",
     "status_idx","burst_count","total_404","label"
 ]
 
+def ensure_csv_directory():
+    """Ensure the CSV data directory exists"""
+    if STORAGE_MODE == "csv" and not os.path.exists(CSV_DATA_DIR):
+        os.makedirs(CSV_DATA_DIR)
+
 class CsvFeatureStore:
     @staticmethod
     def persist_rows(rows):
-        new_file = not os.path.exists(DATA_FILE)
-        with open(DATA_FILE, "a", newline="", encoding="utf-8") as f:
+        ensure_csv_directory()
+        new_file = not os.path.exists(FEATURE_CSV)
+        with open(FEATURE_CSV, "a", newline="", encoding="utf-8") as f:
             w = csv.writer(f)
             if new_file:
                 w.writerow(CSV_HEADER)
@@ -22,10 +36,10 @@ class CsvFeatureStore:
 
     @staticmethod
     def load_matrix():
-        if not os.path.exists(DATA_FILE):
+        if not os.path.exists(FEATURE_CSV):
             return np.empty((0,6))
         df = pd.read_csv(
-            DATA_FILE,
+            FEATURE_CSV,
             names=CSV_HEADER,
             skiprows=1,
             engine="python",
@@ -59,3 +73,279 @@ def get_store():
     if getattr(settings, "AIWAF_FEATURE_STORE", "csv") == "db":
         return DbFeatureStore
     return CsvFeatureStore
+
+
+# ============= CSV Storage Classes =============
+
+class CsvBlacklistStore:
+    """CSV-based storage for IP blacklist entries"""
+    
+    @staticmethod
+    def add_ip(ip_address, reason):
+        ensure_csv_directory()
+        # Check if IP already exists
+        if CsvBlacklistStore.is_blocked(ip_address):
+            return
+        
+        # Add new entry
+        new_file = not os.path.exists(BLACKLIST_CSV)
+        with open(BLACKLIST_CSV, "a", newline="", encoding="utf-8") as f:
+            writer = csv.writer(f)
+            if new_file:
+                writer.writerow(["ip_address", "reason", "created_at"])
+            writer.writerow([ip_address, reason, timezone.now().isoformat()])
+    
+    @staticmethod
+    def is_blocked(ip_address):
+        if not os.path.exists(BLACKLIST_CSV):
+            return False
+        
+        with open(BLACKLIST_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                if row["ip_address"] == ip_address:
+                    return True
+        return False
+    
+    @staticmethod
+    def get_all():
+        """Return list of dictionaries with blacklist entries"""
+        if not os.path.exists(BLACKLIST_CSV):
+            return []
+        
+        entries = []
+        with open(BLACKLIST_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                entries.append(row)
+        return entries
+    
+    @staticmethod
+    def remove_ip(ip_address):
+        if not os.path.exists(BLACKLIST_CSV):
+            return
+        
+        # Read all entries except the one to remove
+        entries = []
+        with open(BLACKLIST_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            entries = [row for row in reader if row["ip_address"] != ip_address]
+        
+        # Write back the filtered entries
+        with open(BLACKLIST_CSV, "w", newline="", encoding="utf-8") as f:
+            if entries:
+                writer = csv.DictWriter(f, fieldnames=["ip_address", "reason", "created_at"])
+                writer.writeheader()
+                writer.writerows(entries)
+
+
+class CsvExemptionStore:
+    """CSV-based storage for IP exemption entries"""
+    
+    @staticmethod
+    def add_ip(ip_address, reason=""):
+        ensure_csv_directory()
+        # Check if IP already exists
+        if CsvExemptionStore.is_exempted(ip_address):
+            return
+        
+        # Add new entry
+        new_file = not os.path.exists(EXEMPTION_CSV)
+        with open(EXEMPTION_CSV, "a", newline="", encoding="utf-8") as f:
+            writer = csv.writer(f)
+            if new_file:
+                writer.writerow(["ip_address", "reason", "created_at"])
+            writer.writerow([ip_address, reason, timezone.now().isoformat()])
+    
+    @staticmethod
+    def is_exempted(ip_address):
+        if not os.path.exists(EXEMPTION_CSV):
+            return False
+        
+        with open(EXEMPTION_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                if row["ip_address"] == ip_address:
+                    return True
+        return False
+    
+    @staticmethod
+    def get_all():
+        """Return list of dictionaries with exemption entries"""
+        if not os.path.exists(EXEMPTION_CSV):
+            return []
+        
+        entries = []
+        with open(EXEMPTION_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                entries.append(row)
+        return entries
+    
+    @staticmethod
+    def remove_ip(ip_address):
+        if not os.path.exists(EXEMPTION_CSV):
+            return
+        
+        # Read all entries except the one to remove
+        entries = []
+        with open(EXEMPTION_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            entries = [row for row in reader if row["ip_address"] != ip_address]
+        
+        # Write back the filtered entries
+        with open(EXEMPTION_CSV, "w", newline="", encoding="utf-8") as f:
+            if entries:
+                writer = csv.DictWriter(f, fieldnames=["ip_address", "reason", "created_at"])
+                writer.writeheader()
+                writer.writerows(entries)
+
+
+class CsvKeywordStore:
+    """CSV-based storage for dynamic keywords"""
+    
+    @staticmethod
+    def add_keyword(keyword, count=1):
+        ensure_csv_directory()
+        
+        # Read existing keywords
+        keywords = CsvKeywordStore._load_keywords()
+        
+        # Update or add keyword
+        keywords[keyword] = keywords.get(keyword, 0) + count
+        
+        # Save back to file
+        CsvKeywordStore._save_keywords(keywords)
+    
+    @staticmethod
+    def get_top_keywords(limit=10):
+        keywords = CsvKeywordStore._load_keywords()
+        # Sort by count in descending order and return top N
+        sorted_keywords = sorted(keywords.items(), key=lambda x: x[1], reverse=True)
+        return [kw for kw, count in sorted_keywords[:limit]]
+    
+    @staticmethod
+    def remove_keyword(keyword):
+        keywords = CsvKeywordStore._load_keywords()
+        if keyword in keywords:
+            del keywords[keyword]
+            CsvKeywordStore._save_keywords(keywords)
+    
+    @staticmethod
+    def clear_all():
+        if os.path.exists(KEYWORDS_CSV):
+            os.remove(KEYWORDS_CSV)
+    
+    @staticmethod
+    def _load_keywords():
+        """Load keywords from CSV file as a dictionary"""
+        if not os.path.exists(KEYWORDS_CSV):
+            return {}
+        
+        keywords = {}
+        with open(KEYWORDS_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                keywords[row["keyword"]] = int(row["count"])
+        return keywords
+    
+    @staticmethod
+    def _save_keywords(keywords):
+        """Save keywords dictionary to CSV file"""
+        with open(KEYWORDS_CSV, "w", newline="", encoding="utf-8") as f:
+            writer = csv.writer(f)
+            writer.writerow(["keyword", "count", "last_updated"])
+            for keyword, count in keywords.items():
+                writer.writerow([keyword, count, timezone.now().isoformat()])
+
+
+# ============= Storage Factory Functions =============
+
+def get_blacklist_store():
+    """Return appropriate blacklist storage class based on settings"""
+    if STORAGE_MODE == "csv":
+        return CsvBlacklistStore
+    else:
+        # Return a wrapper for Django models
+        return ModelBlacklistStore
+
+
+def get_exemption_store():
+    """Return appropriate exemption storage class based on settings"""
+    if STORAGE_MODE == "csv":
+        return CsvExemptionStore
+    else:
+        return ModelExemptionStore
+
+
+def get_keyword_store():
+    """Return appropriate keyword storage class based on settings"""
+    if STORAGE_MODE == "csv":
+        return CsvKeywordStore
+    else:
+        return ModelKeywordStore
+
+
+# ============= Django Model Wrappers =============
+
+class ModelBlacklistStore:
+    """Django model-based storage for blacklist entries"""
+    
+    @staticmethod
+    def add_ip(ip_address, reason):
+        BlacklistEntry.objects.get_or_create(ip_address=ip_address, defaults={"reason": reason})
+    
+    @staticmethod
+    def is_blocked(ip_address):
+        return BlacklistEntry.objects.filter(ip_address=ip_address).exists()
+    
+    @staticmethod
+    def get_all():
+        return list(BlacklistEntry.objects.values("ip_address", "reason", "created_at"))
+    
+    @staticmethod
+    def remove_ip(ip_address):
+        BlacklistEntry.objects.filter(ip_address=ip_address).delete()
+
+
+class ModelExemptionStore:
+    """Django model-based storage for exemption entries"""
+    
+    @staticmethod
+    def add_ip(ip_address, reason=""):
+        IPExemption.objects.get_or_create(ip_address=ip_address, defaults={"reason": reason})
+    
+    @staticmethod
+    def is_exempted(ip_address):
+        return IPExemption.objects.filter(ip_address=ip_address).exists()
+    
+    @staticmethod
+    def get_all():
+        return list(IPExemption.objects.values("ip_address", "reason", "created_at"))
+    
+    @staticmethod
+    def remove_ip(ip_address):
+        IPExemption.objects.filter(ip_address=ip_address).delete()
+
+
+class ModelKeywordStore:
+    """Django model-based storage for dynamic keywords"""
+    
+    @staticmethod
+    def add_keyword(keyword, count=1):
+        obj, created = DynamicKeyword.objects.get_or_create(keyword=keyword, defaults={"count": count})
+        if not created:
+            obj.count += count
+            obj.save()
+    
+    @staticmethod
+    def get_top_keywords(limit=10):
+        return list(DynamicKeyword.objects.order_by("-count").values_list("keyword", flat=True)[:limit])
+    
+    @staticmethod
+    def remove_keyword(keyword):
+        DynamicKeyword.objects.filter(keyword=keyword).delete()
+    
+    @staticmethod
+    def clear_all():
+        DynamicKeyword.objects.all().delete()

aiwaf/trainer.py

@@ -13,6 +13,8 @@ from sklearn.ensemble import IsolationForest
 from django.conf import settings
 from django.apps import apps
 from django.db.models import F
+from .utils import is_exempt_path
+from .storage import get_blacklist_store, get_exemption_store, get_keyword_store
 
 # ─────────── Configuration ───────────
 LOG_PATH   = settings.AIWAF_ACCESS_LOG
@@ -27,36 +29,6 @@ _LOG_RX = re.compile(
 )
 
 
-BlacklistEntry = apps.get_model("aiwaf", "BlacklistEntry")
-DynamicKeyword = apps.get_model("aiwaf", "DynamicKeyword")
-IPExemption = apps.get_model("aiwaf", "IPExemption")
-
-
-def is_exempt_path(path: str) -> bool:
-    path = path.lower()
-    
-    # Default login paths that should always be exempt
-    default_login_paths = [
-        "/admin/login/",
-        "/admin/",
-        "/login/",
-        "/accounts/login/",
-        "/auth/login/",
-        "/signin/",
-    ]
-    
-    # Check default login paths
-    for login_path in default_login_paths:
-        if path.startswith(login_path):
-            return True
-    
-    # Check user-configured exempt paths
-    for exempt in getattr(settings, "AIWAF_EXEMPT_PATHS", []):
-        if path == exempt or path.startswith(exempt.rstrip("/") + "/"):
-            return True
-    return False
-
-
 def path_exists_in_django(path: str) -> bool:
     from django.urls import get_resolver
     from django.urls.resolvers import URLResolver
@@ -78,13 +50,17 @@ def path_exists_in_django(path: str) -> bool:
 
 
 def remove_exempt_keywords() -> None:
+    keyword_store = get_keyword_store()
     exempt_tokens = set()
+    
     for path in getattr(settings, "AIWAF_EXEMPT_PATHS", []):
         for seg in re.split(r"\W+", path.strip("/").lower()):
             if len(seg) > 3:
                 exempt_tokens.add(seg)
-    if exempt_tokens:
-        DynamicKeyword.objects.filter(keyword__in=exempt_tokens).delete()
+    
+    # Remove exempt tokens from keyword storage
+    for token in exempt_tokens:
+        keyword_store.remove_keyword(token)
 
 
 def _read_all_logs() -> list[str]:
@@ -122,10 +98,15 @@ def _parse(line: str) -> dict | None:
 
 def train() -> None:
     remove_exempt_keywords()
-    # Remove any IPs in IPExemption from the blacklist
-    exempt_ips = set(IPExemption.objects.values_list("ip_address", flat=True))
-    if exempt_ips:
-        BlacklistEntry.objects.filter(ip_address__in=exempt_ips).delete()
+    
+    # Remove any IPs in IPExemption from the blacklist using storage system
+    exemption_store = get_exemption_store()
+    blacklist_store = get_blacklist_store()
+    
+    exempted_ips = [entry['ip_address'] for entry in exemption_store.get_all()]
+    for ip in exempted_ips:
+        blacklist_store.remove_ip(ip)
+    
     raw_lines = _read_all_logs()
     if not raw_lines:
         print("No log lines found – check AIWAF_ACCESS_LOG setting.")
@@ -157,10 +138,8 @@ def train() -> None:
             
             # Don't block if majority of 404s are on login paths
             if count > login_404s:  # More non-login 404s than login 404s
-                BlacklistEntry.objects.get_or_create(
-                    ip_address=ip,
-                    defaults={"reason": f"Excessive 404s (≥6 non-login, {count}/{total_404s})"}
-                )
+                blacklist_store = get_blacklist_store()
+                blacklist_store.add_ip(ip, f"Excessive 404s (≥6 non-login, {count}/{total_404s})")
 
     feature_dicts = []
     for r in parsed:
@@ -211,10 +190,13 @@ def train() -> None:
     if anomalous_ips:
         print(f"⚠️  Detected {len(anomalous_ips)} potentially anomalous IPs during training")
         
+        exemption_store = get_exemption_store()
+        blacklist_store = get_blacklist_store()
         blocked_count = 0
+        
         for ip in anomalous_ips:
             # Skip if IP is exempted
-            if IPExemption.objects.filter(ip_address=ip).exists():
+            if exemption_store.is_exempted(ip):
                 continue
             
             # Get this IP's behavior from the data
@@ -237,10 +219,7 @@ def train() -> None:
                 continue
             
             # Block if it shows clear signs of malicious behavior
-            BlacklistEntry.objects.get_or_create(
-                ip_address=ip,
-                defaults={"reason": f"AI anomaly + suspicious patterns (kw:{avg_kw_hits:.1f}, 404s:{max_404s}, burst:{avg_burst:.1f})"}
-            )
+            blacklist_store.add_ip(ip, f"AI anomaly + suspicious patterns (kw:{avg_kw_hits:.1f}, 404s:{max_404s}, burst:{avg_burst:.1f})")
             blocked_count += 1
             print(f"   - {ip}: Blocked for suspicious behavior (kw:{avg_kw_hits:.1f}, 404s:{max_404s}, burst:{avg_burst:.1f})")
         
@@ -254,8 +233,10 @@ def train() -> None:
                 if len(seg) > 3 and seg not in STATIC_KW:
                     tokens[seg] += 1
 
-    for kw, cnt in tokens.most_common(10):
-        obj, _ = DynamicKeyword.objects.get_or_create(keyword=kw)
-        DynamicKeyword.objects.filter(pk=obj.pk).update(count=F("count") + cnt)
+    keyword_store = get_keyword_store()
+    top_tokens = tokens.most_common(10)
+    
+    for kw, cnt in top_tokens:
+        keyword_store.add_keyword(kw, cnt)
 
-    print(f"DynamicKeyword DB updated with top tokens: {[kw for kw, _ in tokens.most_common(10)]}")
+    print(f"DynamicKeyword storage updated with top tokens: {[kw for kw, _ in top_tokens]}")

aiwaf/utils.py

@@ -3,6 +3,8 @@ import re
 import glob
 import gzip
 from datetime import datetime
+from django.conf import settings
+from .storage import get_exemption_store
 
 _LOG_RX = re.compile(
     r'(\d+\.\d+\.\d+\.\d+).*\[(.*?)\].*"(GET|POST) (.*?) HTTP/.*?" (\d{3}).*?"(.*?)" "(.*?)"'
@@ -47,4 +49,58 @@ def parse_log_line(line):
         "referer": ref,
         "user_agent": ua,
         "response_time": rt
-    }
+    }
+
+def is_ip_exempted(ip):
+    """Check if IP is in exemption list"""
+    store = get_exemption_store()
+    return store.is_exempted(ip)
+
+def is_view_exempt(request):
+    """Check if the current view is marked as AI-WAF exempt"""
+    if hasattr(request, 'resolver_match') and request.resolver_match:
+        view_func = request.resolver_match.func
+        
+        # Check if view function has aiwaf_exempt attribute
+        if hasattr(view_func, 'aiwaf_exempt'):
+            return True
+            
+        # For class-based views, check the view class
+        if hasattr(view_func, 'view_class'):
+            view_class = view_func.view_class
+            if hasattr(view_class, 'aiwaf_exempt'):
+                return True
+                
+            # Check dispatch method for method_decorator usage
+            dispatch_method = getattr(view_class, 'dispatch', None)
+            if dispatch_method and hasattr(dispatch_method, 'aiwaf_exempt'):
+                return True
+                
+    return False
+
+def is_exempt_path(path):
+    """Check if path should be exempt from AI-WAF"""
+    path = path.lower()
+    
+    # Default login paths (always exempt)
+    default_exempt = [
+        "/admin/login/", "/admin/", "/login/", "/accounts/login/", 
+        "/auth/login/", "/signin/"
+    ]
+    
+    # Check default exempt paths
+    for exempt_path in default_exempt:
+        if path.startswith(exempt_path):
+            return True
+        
+    # Check configured exempt paths
+    exempt_paths = getattr(settings, "AIWAF_EXEMPT_PATHS", [])
+    for exempt_path in exempt_paths:
+        if path == exempt_path or path.startswith(exempt_path.rstrip("/") + "/"):
+            return True
+    
+    return False
+
+def is_exempt(request):
+    """Check if request should be exempt (either by path or view decorator)"""
+    return is_exempt_path(request.path) or is_view_exempt(request)

{aiwaf-0.1.8.5.dist-info → aiwaf-0.1.8.7.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aiwaf
-Version: 0.1.8.5
+Version: 0.1.8.7
 Summary: AI-powered Web Application Firewall
 Home-page: https://github.com/aayushgauba/aiwaf
 Author: Aayush Gauba
@@ -99,7 +99,26 @@ AIWAF_EXEMPT_PATHS = [
 ]
 ```
 
-All exempt paths are:
+**Exempt Views (Decorator):**
+Use the `@aiwaf_exempt` decorator to exempt specific views from all AI-WAF protection:
+
+```python
+from aiwaf.decorators import aiwaf_exempt
+from django.http import JsonResponse
+
+@aiwaf_exempt
+def my_api_view(request):
+    """This view will be exempt from all AI-WAF protection"""
+    return JsonResponse({"status": "success"})
+
+# Works with class-based views too
+@aiwaf_exempt
+class MyAPIView(View):
+    def get(self, request):
+        return JsonResponse({"method": "GET"})
+```
+
+All exempt paths and views are:
   - Skipped from keyword learning
   - Immune to AI blocking
   - Ignored in log training
@@ -169,6 +188,31 @@ AIWAF_ACCESS_LOG = "/var/log/nginx/access.log"
 
 ---
 
+### Storage Configuration
+
+**Choose storage backend:**
+
+```python
+# Use Django models (default) - requires database tables
+AIWAF_STORAGE_MODE = "models"
+
+# OR use CSV files - no database required
+AIWAF_STORAGE_MODE = "csv"
+AIWAF_CSV_DATA_DIR = "aiwaf_data"  # Directory for CSV files
+```
+
+**CSV Mode Features:**
+- No database migrations required
+- Files stored in `aiwaf_data/` directory:
+  - `blacklist.csv` - Blocked IP addresses
+  - `exemptions.csv` - Exempt IP addresses  
+  - `keywords.csv` - Dynamic keywords
+  - `access_samples.csv` - Feature samples for ML training
+- Perfect for lightweight deployments or when you prefer file-based storage
+- Management commands work identically in both modes
+
+---
+
 ### Optional (defaults shown)
 
 ```python

aiwaf-0.1.8.7.dist-info/RECORD

@@ -0,0 +1,22 @@
+aiwaf/__init__.py,sha256=nQFpJ1YpX48snzLjEQCf8zD2YNh8v0b_kPTrXx8uBYc,46
+aiwaf/apps.py,sha256=nCez-Ptlv2kaEk5HenA8b1pATz1VfhrHP1344gwcY1A,142
+aiwaf/blacklist_manager.py,sha256=92ltIrFfv8WOC4CXwvNVZYfivkRZHGNg3E2QAbHQipQ,550
+aiwaf/decorators.py,sha256=IUKOdM_gdroffImRZep1g1wT6gNqD10zGwcp28hsJCs,825
+aiwaf/middleware.py,sha256=1JPrc0npI_a5bnB-thN0ME1ehfTbWBl1j9wTndZwRdQ,9505
+aiwaf/models.py,sha256=XaG1pd_oZu3y-fw66u4wblGlWcUY9gvsTNKGD0kQk7Y,1672
+aiwaf/storage.py,sha256=Z0KWArfLmOHnvUcL5aVx8W_aHMr-qoEW8FVGrM23BvA,11639
+aiwaf/trainer.py,sha256=qzQOtMW0_OA5JWWh6Znbc5BG3gcQ6Cb_NNWMOgLf3VQ,8487
+aiwaf/utils.py,sha256=BJk5vJCYdGPl_4QQiknjhCbkzv5HZCXgFcBJDMJpHok,3390
+aiwaf/management/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+aiwaf/management/commands/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+aiwaf/management/commands/add_ipexemption.py,sha256=srgdVPDJtF7G9GGIqaZ7L3qTuNheoS_uwlhlRO4W2bc,945
+aiwaf/management/commands/aiwaf_reset.py,sha256=0FIBqpZS8xgFFvAKJ-0zAC_-QNQwRkOHpXb8N-OdFr8,3740
+aiwaf/management/commands/detect_and_train.py,sha256=-o-LZ7QZ5GeJPCekryox1DGXKMmFEkwwrcDsiM166K0,269
+aiwaf/resources/model.pkl,sha256=5t6h9BX8yoh2xct85MXOO60jdlWyg1APskUOW0jZE1Y,1288265
+aiwaf/templatetags/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+aiwaf/templatetags/aiwaf_tags.py,sha256=XXfb7Tl4DjU3Sc40GbqdaqOEtKTUKELBEk58u83wBNw,357
+aiwaf-0.1.8.7.dist-info/licenses/LICENSE,sha256=Ir8PX4dxgAcdB0wqNPIkw84fzIIRKE75NoUil9RX0QU,1069
+aiwaf-0.1.8.7.dist-info/METADATA,sha256=qAIF4-sV_Br3BPp6Ivn3fXzY9uWvdtMco1zXBlkKkW0,8664
+aiwaf-0.1.8.7.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+aiwaf-0.1.8.7.dist-info/top_level.txt,sha256=kU6EyjobT6UPCxuWpI_BvcHDG0I2tMgKaPlWzVxe2xI,6
+aiwaf-0.1.8.7.dist-info/RECORD,,

aiwaf-0.1.8.5.dist-info/RECORD

@@ -1,21 +0,0 @@
-aiwaf/__init__.py,sha256=nQFpJ1YpX48snzLjEQCf8zD2YNh8v0b_kPTrXx8uBYc,46
-aiwaf/apps.py,sha256=nCez-Ptlv2kaEk5HenA8b1pATz1VfhrHP1344gwcY1A,142
-aiwaf/blacklist_manager.py,sha256=sM6uTH7zD6MOPGb0kzqV2aFut2vxKgft_UVeRJr7klw,392
-aiwaf/middleware.py,sha256=GmN9R6z1wx1g4coMoixGK_b3i4dwI5z0xBAIu4I7CoQ,10477
-aiwaf/models.py,sha256=XaG1pd_oZu3y-fw66u4wblGlWcUY9gvsTNKGD0kQk7Y,1672
-aiwaf/storage.py,sha256=bxCILzzvA1-q6nwclRE8WrfoRhe25H4VrsQDf0hl_lY,1903
-aiwaf/trainer.py,sha256=eJOHuJgIyqUIqmbYwnMWoR4fQQ8miTn64ASXMmShgI8,9120
-aiwaf/utils.py,sha256=RkEUWhhHy6tOk7V0UYv3cN4xhOR_7aBy9bjhwuV2cdA,1436
-aiwaf/management/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-aiwaf/management/commands/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-aiwaf/management/commands/add_ipexemption.py,sha256=LWN21_ydqSjU3_hUnkou4Ciyrk_479zLvcKdWm8hkC0,988
-aiwaf/management/commands/aiwaf_reset.py,sha256=dUTYX6Z6_X3Ft3lqF_McXE7OdKADlQFGFWvjdvFVZFI,3245
-aiwaf/management/commands/detect_and_train.py,sha256=-o-LZ7QZ5GeJPCekryox1DGXKMmFEkwwrcDsiM166K0,269
-aiwaf/resources/model.pkl,sha256=5t6h9BX8yoh2xct85MXOO60jdlWyg1APskUOW0jZE1Y,1288265
-aiwaf/templatetags/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-aiwaf/templatetags/aiwaf_tags.py,sha256=XXfb7Tl4DjU3Sc40GbqdaqOEtKTUKELBEk58u83wBNw,357
-aiwaf-0.1.8.5.dist-info/licenses/LICENSE,sha256=Ir8PX4dxgAcdB0wqNPIkw84fzIIRKE75NoUil9RX0QU,1069
-aiwaf-0.1.8.5.dist-info/METADATA,sha256=ef023TmhChIqMkNwTgEsyPODvDs44q9SXmQCYjxzoBs,7435
-aiwaf-0.1.8.5.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-aiwaf-0.1.8.5.dist-info/top_level.txt,sha256=kU6EyjobT6UPCxuWpI_BvcHDG0I2tMgKaPlWzVxe2xI,6
-aiwaf-0.1.8.5.dist-info/RECORD,,