PyPI - aiwaf - Versions diffs - 0.1.8.5__tar.gz → 0.1.8.7__tar.gz - Mend

aiwaf 0.1.8.5tar.gz → 0.1.8.7tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of aiwaf might be problematic. Click here for more details.

Files changed (31) hide show

{aiwaf-0.1.8.5 → aiwaf-0.1.8.7}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aiwaf
-Version: 0.1.8.5
+Version: 0.1.8.7
 Summary: AI-powered Web Application Firewall
 Home-page: https://github.com/aayushgauba/aiwaf
 Author: Aayush Gauba
@@ -99,7 +99,26 @@ AIWAF_EXEMPT_PATHS = [
 ]
 ```
-All exempt paths are:
+**Exempt Views (Decorator):**
+Use the `@aiwaf_exempt` decorator to exempt specific views from all AI-WAF protection:
+```python
+from aiwaf.decorators import aiwaf_exempt
+from django.http import JsonResponse
+@aiwaf_exempt
+def my_api_view(request):
+    """This view will be exempt from all AI-WAF protection"""
+    return JsonResponse({"status": "success"})
+# Works with class-based views too
+@aiwaf_exempt
+class MyAPIView(View):
+    def get(self, request):
+        return JsonResponse({"method": "GET"})
+```
+All exempt paths and views are:
   - Skipped from keyword learning
   - Immune to AI blocking
   - Ignored in log training
@@ -169,6 +188,31 @@ AIWAF_ACCESS_LOG = "/var/log/nginx/access.log"
 ---
+### Storage Configuration
+**Choose storage backend:**
+```python
+# Use Django models (default) - requires database tables
+AIWAF_STORAGE_MODE = "models"
+# OR use CSV files - no database required
+AIWAF_STORAGE_MODE = "csv"
+AIWAF_CSV_DATA_DIR = "aiwaf_data"  # Directory for CSV files
+```
+**CSV Mode Features:**
+- No database migrations required
+- Files stored in `aiwaf_data/` directory:
+  - `blacklist.csv` - Blocked IP addresses
+  - `exemptions.csv` - Exempt IP addresses
+  - `keywords.csv` - Dynamic keywords
+  - `access_samples.csv` - Feature samples for ML training
+- Perfect for lightweight deployments or when you prefer file-based storage
+- Management commands work identically in both modes
+---
 ### Optional (defaults shown)
 ```python

{aiwaf-0.1.8.5 → aiwaf-0.1.8.7}/README.md RENAMED Viewed

@@ -78,7 +78,26 @@ AIWAF_EXEMPT_PATHS = [
 ]
 ```
-All exempt paths are:
+**Exempt Views (Decorator):**
+Use the `@aiwaf_exempt` decorator to exempt specific views from all AI-WAF protection:
+```python
+from aiwaf.decorators import aiwaf_exempt
+from django.http import JsonResponse
+@aiwaf_exempt
+def my_api_view(request):
+    """This view will be exempt from all AI-WAF protection"""
+    return JsonResponse({"status": "success"})
+# Works with class-based views too
+@aiwaf_exempt
+class MyAPIView(View):
+    def get(self, request):
+        return JsonResponse({"method": "GET"})
+```
+All exempt paths and views are:
   - Skipped from keyword learning
   - Immune to AI blocking
   - Ignored in log training
@@ -148,6 +167,31 @@ AIWAF_ACCESS_LOG = "/var/log/nginx/access.log"
 ---
+### Storage Configuration
+**Choose storage backend:**
+```python
+# Use Django models (default) - requires database tables
+AIWAF_STORAGE_MODE = "models"
+# OR use CSV files - no database required
+AIWAF_STORAGE_MODE = "csv"
+AIWAF_CSV_DATA_DIR = "aiwaf_data"  # Directory for CSV files
+```
+**CSV Mode Features:**
+- No database migrations required
+- Files stored in `aiwaf_data/` directory:
+  - `blacklist.csv` - Blocked IP addresses
+  - `exemptions.csv` - Exempt IP addresses
+  - `keywords.csv` - Dynamic keywords
+  - `access_samples.csv` - Feature samples for ML training
+- Perfect for lightweight deployments or when you prefer file-based storage
+- Management commands work identically in both modes
+---
 ### Optional (defaults shown)
 ```python

aiwaf-0.1.8.7/aiwaf/blacklist_manager.py ADDED Viewed

@@ -0,0 +1,24 @@
+# aiwaf/blacklist_manager.py
+from .storage import get_blacklist_store
+class BlacklistManager:
+    @staticmethod
+    def block(ip, reason):
+        store = get_blacklist_store()
+        store.add_ip(ip, reason)
+    @staticmethod
+    def is_blocked(ip):
+        store = get_blacklist_store()
+        return store.is_blocked(ip)
+    @staticmethod
+    def all_blocked():
+        store = get_blacklist_store()
+        return store.get_all()
+    @staticmethod
+    def unblock(ip):
+        store = get_blacklist_store()
+        store.remove_ip(ip)

aiwaf-0.1.8.7/aiwaf/decorators.py ADDED Viewed

@@ -0,0 +1,28 @@
+from functools import wraps
+from django.utils.decorators import method_decorator
+def aiwaf_exempt(view_func):
+    """
+    Decorator to exempt a view from AI-WAF protection.
+    Can be used on function-based views or class-based views.
+    Usage:
+        @aiwaf_exempt
+        def my_view(request):
+            return HttpResponse("This view is exempt from AI-WAF")
+        # Or for class-based views:
+        @method_decorator(aiwaf_exempt, name='dispatch')
+        class MyView(View):
+            pass
+    """
+    @wraps(view_func)
+    def wrapped_view(*args, **kwargs):
+        return view_func(*args, **kwargs)
+    # Mark the view as AI-WAF exempt
+    wrapped_view.aiwaf_exempt = True
+    return wrapped_view
+# For class-based views
+aiwaf_exempt_view = method_decorator(aiwaf_exempt, name='dispatch')

{aiwaf-0.1.8.5 → aiwaf-0.1.8.7}/aiwaf/management/commands/add_ipexemption.py RENAMED Viewed

@@ -1,5 +1,5 @@
 from django.core.management.base import BaseCommand, CommandError
-from aiwaf.models import IPExemption
+from aiwaf.storage import get_exemption_store
 class Command(BaseCommand):
     help = 'Add an IP address to the IPExemption list (prevents blacklisting)'
@@ -11,12 +11,13 @@ class Command(BaseCommand):
     def handle(self, *args, **options):
         ip = options['ip']
         reason = options['reason']
-        obj, created = IPExemption.objects.get_or_create(ip_address=ip, defaults={'reason': reason})
-        if not created:
+        store = get_exemption_store()
+        if store.is_exempted(ip):
             self.stdout.write(self.style.WARNING(f'IP {ip} is already exempted.'))
         else:
+            store.add_ip(ip, reason)
             self.stdout.write(self.style.SUCCESS(f'IP {ip} added to exemption list.'))
-        if reason:
-            obj.reason = reason
-            obj.save()
-            self.stdout.write(self.style.SUCCESS(f'Reason set to: {reason}'))
+            if reason:
+                self.stdout.write(self.style.SUCCESS(f'Reason: {reason}'))

{aiwaf-0.1.8.5 → aiwaf-0.1.8.7}/aiwaf/management/commands/aiwaf_reset.py RENAMED Viewed

@@ -1,5 +1,5 @@
 from django.core.management.base import BaseCommand
-from aiwaf.models import BlacklistEntry, IPExemption
+from aiwaf.storage import get_blacklist_store, get_exemption_store
 class Command(BaseCommand):
     help = 'Reset AI-WAF by clearing all blacklist and exemption (whitelist) entries'
@@ -26,9 +26,12 @@ class Command(BaseCommand):
         exemptions_only = options['exemptions_only']
         confirm = options['confirm']
+        blacklist_store = get_blacklist_store()
+        exemption_store = get_exemption_store()
         # Count current entries
-        blacklist_count = BlacklistEntry.objects.count()
-        exemption_count = IPExemption.objects.count()
+        blacklist_count = len(blacklist_store.get_all())
+        exemption_count = len(exemption_store.get_all())
         if blacklist_only and exemptions_only:
             self.stdout.write(self.style.ERROR('Cannot use both --blacklist-only and --exemptions-only flags'))
@@ -61,10 +64,18 @@ class Command(BaseCommand):
         deleted_counts = {'blacklist': 0, 'exemptions': 0}
         if clear_blacklist:
-            deleted_counts['blacklist'], _ = BlacklistEntry.objects.all().delete()
+            # Clear blacklist entries
+            blacklist_entries = blacklist_store.get_all()
+            for entry in blacklist_entries:
+                blacklist_store.remove_ip(entry['ip_address'])
+            deleted_counts['blacklist'] = len(blacklist_entries)
         if clear_exemptions:
-            deleted_counts['exemptions'], _ = IPExemption.objects.all().delete()
+            # Clear exemption entries
+            exemption_entries = exemption_store.get_all()
+            for entry in exemption_entries:
+                exemption_store.remove_ip(entry['ip_address'])
+            deleted_counts['exemptions'] = len(exemption_entries)
         # Report results
         if clear_blacklist and clear_exemptions:

{aiwaf-0.1.8.5 → aiwaf-0.1.8.7}/aiwaf/middleware.py RENAMED Viewed

@@ -14,37 +14,11 @@ from django.core.cache import cache
 from django.db.models import F
 from django.apps import apps
 from django.urls import get_resolver
-from .trainer import STATIC_KW, STATUS_IDX, is_exempt_path, path_exists_in_django
+from .trainer import STATIC_KW, STATUS_IDX, path_exists_in_django
 from .blacklist_manager import BlacklistManager
-from .models import DynamicKeyword, IPExemption
-def is_ip_exempted(ip):
-    return IPExemption.objects.filter(ip_address=ip).exists()
-def is_exempt_path(path):
-    path = path.lower()
-    # Default login paths that should always be exempt
-    default_login_paths = [
-        "/admin/login/",
-        "/admin/",
-        "/login/",
-        "/accounts/login/",
-        "/auth/login/",
-        "/signin/",
-    ]
-    # Check default login paths
-    for login_path in default_login_paths:
-        if path.startswith(login_path):
-            return True
-    # Check user-configured exempt paths
-    exempt_paths = getattr(settings, "AIWAF_EXEMPT_PATHS", [])
-    for exempt in exempt_paths:
-        if path == exempt or path.startswith(exempt.rstrip("/") + "/"):
-            return True
-    return False
+from .models import IPExemption
+from .utils import is_exempt, get_ip, is_ip_exempted
+from .storage import get_keyword_store
 MODEL_PATH = getattr(
     settings,
@@ -93,7 +67,7 @@ class IPAndKeywordBlockMiddleware:
     def __call__(self, request):
         raw_path = request.path.lower()
-        if is_exempt_path(raw_path):
+        if is_exempt(request):
             return self.get_response(request)
         ip = get_ip(request)
         path = raw_path.lstrip("/")
@@ -101,15 +75,14 @@ class IPAndKeywordBlockMiddleware:
             return self.get_response(request)
         if BlacklistManager.is_blocked(ip):
             return JsonResponse({"error": "blocked"}, status=403)
+        keyword_store = get_keyword_store()
         segments = [seg for seg in re.split(r"\W+", path) if len(seg) > 3]
         for seg in segments:
-            obj, _ = DynamicKeyword.objects.get_or_create(keyword=seg)
-            DynamicKeyword.objects.filter(pk=obj.pk).update(count=F("count") + 1)
-        dynamic_top = list(
-            DynamicKeyword.objects
-            .order_by("-count")
-            .values_list("keyword", flat=True)[: getattr(settings, "AIWAF_DYNAMIC_TOP_N", 10)]
-        )
+            keyword_store.add_keyword(seg)
+        dynamic_top = keyword_store.get_top_keywords(getattr(settings, "AIWAF_DYNAMIC_TOP_N", 10))
         all_kw = set(STATIC_KW) | set(dynamic_top)
         suspicious_kw = {
             kw for kw in all_kw
@@ -132,7 +105,7 @@ class RateLimitMiddleware:
         self.get_response = get_response
     def __call__(self, request):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return self.get_response(request)
         ip = get_ip(request)
@@ -161,7 +134,7 @@ class AIAnomalyMiddleware(MiddlewareMixin):
         self.model = joblib.load(model_path)
     def process_request(self, request):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return None
         request._start_time = time.time()
         ip = get_ip(request)
@@ -172,14 +145,14 @@ class AIAnomalyMiddleware(MiddlewareMixin):
         return None
     def process_response(self, request, response):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return response
         ip = get_ip(request)
         now = time.time()
         key = f"aiwaf:{ip}"
         data = cache.get(key, [])
         path_len = len(request.path)
-        if not path_exists_in_django(request.path) and not is_exempt_path(request.path):
+        if not path_exists_in_django(request.path) and not is_exempt(request):
             kw_hits = sum(1 for kw in STATIC_KW if kw in request.path.lower())
         else:
             kw_hits = 0
@@ -199,10 +172,11 @@ class AIAnomalyMiddleware(MiddlewareMixin):
         data.append((now, request.path, response.status_code, resp_time))
         data = [d for d in data if now - d[0] < self.WINDOW]
         cache.set(key, data, timeout=self.WINDOW)
+        keyword_store = get_keyword_store()
         for seg in re.split(r"\W+", request.path.lower()):
             if len(seg) > 3:
-                obj, _ = DynamicKeyword.objects.get_or_create(keyword=seg)
-                DynamicKeyword.objects.filter(pk=obj.pk).update(count=F("count") + 1)
+                keyword_store.add_keyword(seg)
         return response
@@ -211,7 +185,7 @@ class HoneypotTimingMiddleware(MiddlewareMixin):
     MIN_FORM_TIME = getattr(settings, "AIWAF_MIN_FORM_TIME", 1.0)  # seconds
     def process_request(self, request):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return None
         ip = get_ip(request)
@@ -255,7 +229,7 @@ class HoneypotTimingMiddleware(MiddlewareMixin):
 class UUIDTamperMiddleware(MiddlewareMixin):
     def process_view(self, request, view_func, view_args, view_kwargs):
-        if is_exempt_path(request.path):
+        if is_exempt(request):
             return None
         uid = view_kwargs.get("uuid")
         if not uid:

aiwaf-0.1.8.7/aiwaf/storage.py ADDED Viewed

@@ -0,0 +1,351 @@
+import os, csv, gzip, glob
+import numpy as np
+import pandas as pd
+from django.conf import settings
+from django.utils import timezone
+from .models import FeatureSample, BlacklistEntry, IPExemption, DynamicKeyword
+# Configuration
+STORAGE_MODE = getattr(settings, "AIWAF_STORAGE_MODE", "models")  # "models" or "csv"
+CSV_DATA_DIR = getattr(settings, "AIWAF_CSV_DATA_DIR", "aiwaf_data")
+FEATURE_CSV = getattr(settings, "AIWAF_CSV_PATH", os.path.join(CSV_DATA_DIR, "access_samples.csv"))
+BLACKLIST_CSV = os.path.join(CSV_DATA_DIR, "blacklist.csv")
+EXEMPTION_CSV = os.path.join(CSV_DATA_DIR, "exemptions.csv")
+KEYWORDS_CSV = os.path.join(CSV_DATA_DIR, "keywords.csv")
+CSV_HEADER = [
+    "ip","path_len","kw_hits","resp_time",
+    "status_idx","burst_count","total_404","label"
+]
+def ensure_csv_directory():
+    """Ensure the CSV data directory exists"""
+    if STORAGE_MODE == "csv" and not os.path.exists(CSV_DATA_DIR):
+        os.makedirs(CSV_DATA_DIR)
+class CsvFeatureStore:
+    @staticmethod
+    def persist_rows(rows):
+        ensure_csv_directory()
+        new_file = not os.path.exists(FEATURE_CSV)
+        with open(FEATURE_CSV, "a", newline="", encoding="utf-8") as f:
+            w = csv.writer(f)
+            if new_file:
+                w.writerow(CSV_HEADER)
+            w.writerows(rows)
+    @staticmethod
+    def load_matrix():
+        if not os.path.exists(FEATURE_CSV):
+            return np.empty((0,6))
+        df = pd.read_csv(
+            FEATURE_CSV,
+            names=CSV_HEADER,
+            skiprows=1,
+            engine="python",
+            on_bad_lines="skip"
+        )
+        feature_cols = CSV_HEADER[1:7]
+        df[feature_cols] = df[feature_cols].apply(pd.to_numeric, errors="coerce").fillna(0)
+        return df[feature_cols].to_numpy()
+class DbFeatureStore:
+    @staticmethod
+    def persist_rows(rows):
+        objs = []
+        for ip,pl,kw,rt,si,bc,t404,label in rows:
+            objs.append(FeatureSample(
+                ip=ip, path_len=pl, kw_hits=kw,
+                resp_time=rt, status_idx=si,
+                burst_count=bc, total_404=t404,
+                label=label
+            ))
+        FeatureSample.objects.bulk_create(objs, ignore_conflicts=True)
+    @staticmethod
+    def load_matrix():
+        qs = FeatureSample.objects.all().values_list(
+            "path_len","kw_hits","resp_time","status_idx","burst_count","total_404"
+        )
+        return np.array(list(qs), dtype=float)
+def get_store():
+    if getattr(settings, "AIWAF_FEATURE_STORE", "csv") == "db":
+        return DbFeatureStore
+    return CsvFeatureStore
+# ============= CSV Storage Classes =============
+class CsvBlacklistStore:
+    """CSV-based storage for IP blacklist entries"""
+    @staticmethod
+    def add_ip(ip_address, reason):
+        ensure_csv_directory()
+        # Check if IP already exists
+        if CsvBlacklistStore.is_blocked(ip_address):
+            return
+        # Add new entry
+        new_file = not os.path.exists(BLACKLIST_CSV)
+        with open(BLACKLIST_CSV, "a", newline="", encoding="utf-8") as f:
+            writer = csv.writer(f)
+            if new_file:
+                writer.writerow(["ip_address", "reason", "created_at"])
+            writer.writerow([ip_address, reason, timezone.now().isoformat()])
+    @staticmethod
+    def is_blocked(ip_address):
+        if not os.path.exists(BLACKLIST_CSV):
+            return False
+        with open(BLACKLIST_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                if row["ip_address"] == ip_address:
+                    return True
+        return False
+    @staticmethod
+    def get_all():
+        """Return list of dictionaries with blacklist entries"""
+        if not os.path.exists(BLACKLIST_CSV):
+            return []
+        entries = []
+        with open(BLACKLIST_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                entries.append(row)
+        return entries
+    @staticmethod
+    def remove_ip(ip_address):
+        if not os.path.exists(BLACKLIST_CSV):
+            return
+        # Read all entries except the one to remove
+        entries = []
+        with open(BLACKLIST_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            entries = [row for row in reader if row["ip_address"] != ip_address]
+        # Write back the filtered entries
+        with open(BLACKLIST_CSV, "w", newline="", encoding="utf-8") as f:
+            if entries:
+                writer = csv.DictWriter(f, fieldnames=["ip_address", "reason", "created_at"])
+                writer.writeheader()
+                writer.writerows(entries)
+class CsvExemptionStore:
+    """CSV-based storage for IP exemption entries"""
+    @staticmethod
+    def add_ip(ip_address, reason=""):
+        ensure_csv_directory()
+        # Check if IP already exists
+        if CsvExemptionStore.is_exempted(ip_address):
+            return
+        # Add new entry
+        new_file = not os.path.exists(EXEMPTION_CSV)
+        with open(EXEMPTION_CSV, "a", newline="", encoding="utf-8") as f:
+            writer = csv.writer(f)
+            if new_file:
+                writer.writerow(["ip_address", "reason", "created_at"])
+            writer.writerow([ip_address, reason, timezone.now().isoformat()])
+    @staticmethod
+    def is_exempted(ip_address):
+        if not os.path.exists(EXEMPTION_CSV):
+            return False
+        with open(EXEMPTION_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                if row["ip_address"] == ip_address:
+                    return True
+        return False
+    @staticmethod
+    def get_all():
+        """Return list of dictionaries with exemption entries"""
+        if not os.path.exists(EXEMPTION_CSV):
+            return []
+        entries = []
+        with open(EXEMPTION_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                entries.append(row)
+        return entries
+    @staticmethod
+    def remove_ip(ip_address):
+        if not os.path.exists(EXEMPTION_CSV):
+            return
+        # Read all entries except the one to remove
+        entries = []
+        with open(EXEMPTION_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            entries = [row for row in reader if row["ip_address"] != ip_address]
+        # Write back the filtered entries
+        with open(EXEMPTION_CSV, "w", newline="", encoding="utf-8") as f:
+            if entries:
+                writer = csv.DictWriter(f, fieldnames=["ip_address", "reason", "created_at"])
+                writer.writeheader()
+                writer.writerows(entries)
+class CsvKeywordStore:
+    """CSV-based storage for dynamic keywords"""
+    @staticmethod
+    def add_keyword(keyword, count=1):
+        ensure_csv_directory()
+        # Read existing keywords
+        keywords = CsvKeywordStore._load_keywords()
+        # Update or add keyword
+        keywords[keyword] = keywords.get(keyword, 0) + count
+        # Save back to file
+        CsvKeywordStore._save_keywords(keywords)
+    @staticmethod
+    def get_top_keywords(limit=10):
+        keywords = CsvKeywordStore._load_keywords()
+        # Sort by count in descending order and return top N
+        sorted_keywords = sorted(keywords.items(), key=lambda x: x[1], reverse=True)
+        return [kw for kw, count in sorted_keywords[:limit]]
+    @staticmethod
+    def remove_keyword(keyword):
+        keywords = CsvKeywordStore._load_keywords()
+        if keyword in keywords:
+            del keywords[keyword]
+            CsvKeywordStore._save_keywords(keywords)
+    @staticmethod
+    def clear_all():
+        if os.path.exists(KEYWORDS_CSV):
+            os.remove(KEYWORDS_CSV)
+    @staticmethod
+    def _load_keywords():
+        """Load keywords from CSV file as a dictionary"""
+        if not os.path.exists(KEYWORDS_CSV):
+            return {}
+        keywords = {}
+        with open(KEYWORDS_CSV, "r", newline="", encoding="utf-8") as f:
+            reader = csv.DictReader(f)
+            for row in reader:
+                keywords[row["keyword"]] = int(row["count"])
+        return keywords
+    @staticmethod
+    def _save_keywords(keywords):
+        """Save keywords dictionary to CSV file"""
+        with open(KEYWORDS_CSV, "w", newline="", encoding="utf-8") as f:
+            writer = csv.writer(f)
+            writer.writerow(["keyword", "count", "last_updated"])
+            for keyword, count in keywords.items():
+                writer.writerow([keyword, count, timezone.now().isoformat()])
+# ============= Storage Factory Functions =============
+def get_blacklist_store():
+    """Return appropriate blacklist storage class based on settings"""
+    if STORAGE_MODE == "csv":
+        return CsvBlacklistStore
+    else:
+        # Return a wrapper for Django models
+        return ModelBlacklistStore
+def get_exemption_store():
+    """Return appropriate exemption storage class based on settings"""
+    if STORAGE_MODE == "csv":
+        return CsvExemptionStore
+    else:
+        return ModelExemptionStore
+def get_keyword_store():
+    """Return appropriate keyword storage class based on settings"""
+    if STORAGE_MODE == "csv":
+        return CsvKeywordStore
+    else:
+        return ModelKeywordStore
+# ============= Django Model Wrappers =============
+class ModelBlacklistStore:
+    """Django model-based storage for blacklist entries"""
+    @staticmethod
+    def add_ip(ip_address, reason):
+        BlacklistEntry.objects.get_or_create(ip_address=ip_address, defaults={"reason": reason})
+    @staticmethod
+    def is_blocked(ip_address):
+        return BlacklistEntry.objects.filter(ip_address=ip_address).exists()
+    @staticmethod
+    def get_all():
+        return list(BlacklistEntry.objects.values("ip_address", "reason", "created_at"))
+    @staticmethod
+    def remove_ip(ip_address):
+        BlacklistEntry.objects.filter(ip_address=ip_address).delete()
+class ModelExemptionStore:
+    """Django model-based storage for exemption entries"""
+    @staticmethod
+    def add_ip(ip_address, reason=""):
+        IPExemption.objects.get_or_create(ip_address=ip_address, defaults={"reason": reason})
+    @staticmethod
+    def is_exempted(ip_address):
+        return IPExemption.objects.filter(ip_address=ip_address).exists()
+    @staticmethod
+    def get_all():
+        return list(IPExemption.objects.values("ip_address", "reason", "created_at"))
+    @staticmethod
+    def remove_ip(ip_address):
+        IPExemption.objects.filter(ip_address=ip_address).delete()
+class ModelKeywordStore:
+    """Django model-based storage for dynamic keywords"""
+    @staticmethod
+    def add_keyword(keyword, count=1):
+        obj, created = DynamicKeyword.objects.get_or_create(keyword=keyword, defaults={"count": count})
+        if not created:
+            obj.count += count
+            obj.save()
+    @staticmethod
+    def get_top_keywords(limit=10):
+        return list(DynamicKeyword.objects.order_by("-count").values_list("keyword", flat=True)[:limit])
+    @staticmethod
+    def remove_keyword(keyword):
+        DynamicKeyword.objects.filter(keyword=keyword).delete()
+    @staticmethod
+    def clear_all():
+        DynamicKeyword.objects.all().delete()

{aiwaf-0.1.8.5 → aiwaf-0.1.8.7}/aiwaf/trainer.py RENAMED Viewed

@@ -13,6 +13,8 @@ from sklearn.ensemble import IsolationForest
 from django.conf import settings
 from django.apps import apps
 from django.db.models import F
+from .utils import is_exempt_path
+from .storage import get_blacklist_store, get_exemption_store, get_keyword_store
 # ─────────── Configuration ───────────
 LOG_PATH   = settings.AIWAF_ACCESS_LOG
@@ -27,36 +29,6 @@ _LOG_RX = re.compile(
 )
-BlacklistEntry = apps.get_model("aiwaf", "BlacklistEntry")
-DynamicKeyword = apps.get_model("aiwaf", "DynamicKeyword")
-IPExemption = apps.get_model("aiwaf", "IPExemption")
-def is_exempt_path(path: str) -> bool:
-    path = path.lower()
-    # Default login paths that should always be exempt
-    default_login_paths = [
-        "/admin/login/",
-        "/admin/",
-        "/login/",
-        "/accounts/login/",
-        "/auth/login/",
-        "/signin/",
-    ]
-    # Check default login paths
-    for login_path in default_login_paths:
-        if path.startswith(login_path):
-            return True
-    # Check user-configured exempt paths
-    for exempt in getattr(settings, "AIWAF_EXEMPT_PATHS", []):
-        if path == exempt or path.startswith(exempt.rstrip("/") + "/"):
-            return True
-    return False
 def path_exists_in_django(path: str) -> bool:
     from django.urls import get_resolver
     from django.urls.resolvers import URLResolver
@@ -78,13 +50,17 @@ def path_exists_in_django(path: str) -> bool:
 def remove_exempt_keywords() -> None:
+    keyword_store = get_keyword_store()
     exempt_tokens = set()
     for path in getattr(settings, "AIWAF_EXEMPT_PATHS", []):
         for seg in re.split(r"\W+", path.strip("/").lower()):
             if len(seg) > 3:
                 exempt_tokens.add(seg)
-    if exempt_tokens:
-        DynamicKeyword.objects.filter(keyword__in=exempt_tokens).delete()
+    # Remove exempt tokens from keyword storage
+    for token in exempt_tokens:
+        keyword_store.remove_keyword(token)
 def _read_all_logs() -> list[str]:
@@ -122,10 +98,15 @@ def _parse(line: str) -> dict | None:
 def train() -> None:
     remove_exempt_keywords()
-    # Remove any IPs in IPExemption from the blacklist
-    exempt_ips = set(IPExemption.objects.values_list("ip_address", flat=True))
-    if exempt_ips:
-        BlacklistEntry.objects.filter(ip_address__in=exempt_ips).delete()
+    # Remove any IPs in IPExemption from the blacklist using storage system
+    exemption_store = get_exemption_store()
+    blacklist_store = get_blacklist_store()
+    exempted_ips = [entry['ip_address'] for entry in exemption_store.get_all()]
+    for ip in exempted_ips:
+        blacklist_store.remove_ip(ip)
     raw_lines = _read_all_logs()
     if not raw_lines:
         print("No log lines found – check AIWAF_ACCESS_LOG setting.")
@@ -157,10 +138,8 @@ def train() -> None:
             # Don't block if majority of 404s are on login paths
             if count > login_404s:  # More non-login 404s than login 404s
-                BlacklistEntry.objects.get_or_create(
-                    ip_address=ip,
-                    defaults={"reason": f"Excessive 404s (≥6 non-login, {count}/{total_404s})"}
-                )
+                blacklist_store = get_blacklist_store()
+                blacklist_store.add_ip(ip, f"Excessive 404s (≥6 non-login, {count}/{total_404s})")
     feature_dicts = []
     for r in parsed:
@@ -211,10 +190,13 @@ def train() -> None:
     if anomalous_ips:
         print(f"⚠️  Detected {len(anomalous_ips)} potentially anomalous IPs during training")
+        exemption_store = get_exemption_store()
+        blacklist_store = get_blacklist_store()
         blocked_count = 0
         for ip in anomalous_ips:
             # Skip if IP is exempted
-            if IPExemption.objects.filter(ip_address=ip).exists():
+            if exemption_store.is_exempted(ip):
                 continue
             # Get this IP's behavior from the data
@@ -237,10 +219,7 @@ def train() -> None:
                 continue
             # Block if it shows clear signs of malicious behavior
-            BlacklistEntry.objects.get_or_create(
-                ip_address=ip,
-                defaults={"reason": f"AI anomaly + suspicious patterns (kw:{avg_kw_hits:.1f}, 404s:{max_404s}, burst:{avg_burst:.1f})"}
-            )
+            blacklist_store.add_ip(ip, f"AI anomaly + suspicious patterns (kw:{avg_kw_hits:.1f}, 404s:{max_404s}, burst:{avg_burst:.1f})")
             blocked_count += 1
             print(f"   - {ip}: Blocked for suspicious behavior (kw:{avg_kw_hits:.1f}, 404s:{max_404s}, burst:{avg_burst:.1f})")
@@ -254,8 +233,10 @@ def train() -> None:
                 if len(seg) > 3 and seg not in STATIC_KW:
                     tokens[seg] += 1
-    for kw, cnt in tokens.most_common(10):
-        obj, _ = DynamicKeyword.objects.get_or_create(keyword=kw)
-        DynamicKeyword.objects.filter(pk=obj.pk).update(count=F("count") + cnt)
+    keyword_store = get_keyword_store()
+    top_tokens = tokens.most_common(10)
+    for kw, cnt in top_tokens:
+        keyword_store.add_keyword(kw, cnt)
-    print(f"DynamicKeyword DB updated with top tokens: {[kw for kw, _ in tokens.most_common(10)]}")
+    print(f"DynamicKeyword storage updated with top tokens: {[kw for kw, _ in top_tokens]}")

aiwaf-0.1.8.7/aiwaf/utils.py ADDED Viewed

@@ -0,0 +1,106 @@
+import os
+import re
+import glob
+import gzip
+from datetime import datetime
+from django.conf import settings
+from .storage import get_exemption_store
+_LOG_RX = re.compile(
+    r'(\d+\.\d+\.\d+\.\d+).*\[(.*?)\].*"(GET|POST) (.*?) HTTP/.*?" (\d{3}).*?"(.*?)" "(.*?)"'
+)
+def get_ip(request):
+    xff = request.META.get("HTTP_X_FORWARDED_FOR", "")
+    if xff:
+        return xff.split(",")[0].strip()
+    return request.META.get("REMOTE_ADDR", "")
+def read_rotated_logs(base_path):
+    lines = []
+    if os.path.exists(base_path):
+        with open(base_path, "r", encoding="utf-8", errors="ignore") as f:
+            lines.extend(f.readlines())
+    for path in sorted(glob.glob(base_path + ".*")):
+        opener = gzip.open if path.endswith(".gz") else open
+        try:
+            with opener(path, "rt", encoding="utf-8", errors="ignore") as f:
+                lines.extend(f.readlines())
+        except OSError:
+            continue
+    return lines
+def parse_log_line(line):
+    m = _LOG_RX.search(line)
+    if not m:
+        return None
+    ip, ts_str, _, path, status, ref, ua = m.groups()
+    try:
+        ts = datetime.strptime(ts_str.split()[0], "%d/%b/%Y:%H:%M:%S")
+    except ValueError:
+        return None
+    rt_m = re.search(r'response-time=(\d+\.\d+)', line)
+    rt = float(rt_m.group(1)) if rt_m else 0.0
+    return {
+        "ip": ip,
+        "timestamp": ts,
+        "path": path,
+        "status": status,
+        "referer": ref,
+        "user_agent": ua,
+        "response_time": rt
+    }
+def is_ip_exempted(ip):
+    """Check if IP is in exemption list"""
+    store = get_exemption_store()
+    return store.is_exempted(ip)
+def is_view_exempt(request):
+    """Check if the current view is marked as AI-WAF exempt"""
+    if hasattr(request, 'resolver_match') and request.resolver_match:
+        view_func = request.resolver_match.func
+        # Check if view function has aiwaf_exempt attribute
+        if hasattr(view_func, 'aiwaf_exempt'):
+            return True
+        # For class-based views, check the view class
+        if hasattr(view_func, 'view_class'):
+            view_class = view_func.view_class
+            if hasattr(view_class, 'aiwaf_exempt'):
+                return True
+            # Check dispatch method for method_decorator usage
+            dispatch_method = getattr(view_class, 'dispatch', None)
+            if dispatch_method and hasattr(dispatch_method, 'aiwaf_exempt'):
+                return True
+    return False
+def is_exempt_path(path):
+    """Check if path should be exempt from AI-WAF"""
+    path = path.lower()
+    # Default login paths (always exempt)
+    default_exempt = [
+        "/admin/login/", "/admin/", "/login/", "/accounts/login/",
+        "/auth/login/", "/signin/"
+    ]
+    # Check default exempt paths
+    for exempt_path in default_exempt:
+        if path.startswith(exempt_path):
+            return True
+    # Check configured exempt paths
+    exempt_paths = getattr(settings, "AIWAF_EXEMPT_PATHS", [])
+    for exempt_path in exempt_paths:
+        if path == exempt_path or path.startswith(exempt_path.rstrip("/") + "/"):
+            return True
+    return False
+def is_exempt(request):
+    """Check if request should be exempt (either by path or view decorator)"""
+    return is_exempt_path(request.path) or is_view_exempt(request)

{aiwaf-0.1.8.5 → aiwaf-0.1.8.7}/aiwaf.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aiwaf
-Version: 0.1.8.5
+Version: 0.1.8.7
 Summary: AI-powered Web Application Firewall
 Home-page: https://github.com/aayushgauba/aiwaf
 Author: Aayush Gauba
@@ -99,7 +99,26 @@ AIWAF_EXEMPT_PATHS = [
 ]
 ```
-All exempt paths are:
+**Exempt Views (Decorator):**
+Use the `@aiwaf_exempt` decorator to exempt specific views from all AI-WAF protection:
+```python
+from aiwaf.decorators import aiwaf_exempt
+from django.http import JsonResponse
+@aiwaf_exempt
+def my_api_view(request):
+    """This view will be exempt from all AI-WAF protection"""
+    return JsonResponse({"status": "success"})
+# Works with class-based views too
+@aiwaf_exempt
+class MyAPIView(View):
+    def get(self, request):
+        return JsonResponse({"method": "GET"})
+```
+All exempt paths and views are:
   - Skipped from keyword learning
   - Immune to AI blocking
   - Ignored in log training
@@ -169,6 +188,31 @@ AIWAF_ACCESS_LOG = "/var/log/nginx/access.log"
 ---
+### Storage Configuration
+**Choose storage backend:**
+```python
+# Use Django models (default) - requires database tables
+AIWAF_STORAGE_MODE = "models"
+# OR use CSV files - no database required
+AIWAF_STORAGE_MODE = "csv"
+AIWAF_CSV_DATA_DIR = "aiwaf_data"  # Directory for CSV files
+```
+**CSV Mode Features:**
+- No database migrations required
+- Files stored in `aiwaf_data/` directory:
+  - `blacklist.csv` - Blocked IP addresses
+  - `exemptions.csv` - Exempt IP addresses
+  - `keywords.csv` - Dynamic keywords
+  - `access_samples.csv` - Feature samples for ML training
+- Perfect for lightweight deployments or when you prefer file-based storage
+- Management commands work identically in both modes
+---
 ### Optional (defaults shown)
 ```python

{aiwaf-0.1.8.5 → aiwaf-0.1.8.7}/aiwaf.egg-info/SOURCES.txt RENAMED Viewed

@@ -5,6 +5,7 @@ setup.py
 aiwaf/__init__.py
 aiwaf/apps.py
 aiwaf/blacklist_manager.py
+aiwaf/decorators.py
 aiwaf/middleware.py
 aiwaf/models.py
 aiwaf/storage.py

{aiwaf-0.1.8.5 → aiwaf-0.1.8.7}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "aiwaf"
-version = "0.1.8.5"
+version = "0.1.8.7"
 description = "AI-powered Web Application Firewall"
 readme = "README.md"
 requires-python = ">=3.8"

{aiwaf-0.1.8.5 → aiwaf-0.1.8.7}/setup.py RENAMED Viewed

@@ -9,7 +9,7 @@ long_description = (HERE / "README.md").read_text(encoding="utf-8")
 setup(
     name="aiwaf",
-    version="0.1.8.5",
+    version="0.1.8.7",
     description="AI‑driven, self‑learning Web Application Firewall for Django",
     long_description=long_description,
     long_description_content_type="text/markdown",

aiwaf-0.1.8.5/aiwaf/blacklist_manager.py DELETED Viewed

@@ -1,14 +0,0 @@
-from .models import BlacklistEntry
-class BlacklistManager:
-    @staticmethod
-    def block(ip, reason):
-        BlacklistEntry.objects.get_or_create(ip_address=ip, defaults={"reason": reason})
-    @staticmethod
-    def is_blocked(ip):
-        return BlacklistEntry.objects.filter(ip_address=ip).exists()
-    @staticmethod
-    def all_blocked():
-        return BlacklistEntry.objects.all()

aiwaf-0.1.8.5/aiwaf/storage.py DELETED Viewed

@@ -1,61 +0,0 @@
-import os, csv, gzip, glob
-import numpy as np
-import pandas as pd
-from django.conf import settings
-from .models import FeatureSample
-DATA_FILE  = getattr(settings, "AIWAF_CSV_PATH", "access_samples.csv")
-CSV_HEADER = [
-    "ip","path_len","kw_hits","resp_time",
-    "status_idx","burst_count","total_404","label"
-]
-class CsvFeatureStore:
-    @staticmethod
-    def persist_rows(rows):
-        new_file = not os.path.exists(DATA_FILE)
-        with open(DATA_FILE, "a", newline="", encoding="utf-8") as f:
-            w = csv.writer(f)
-            if new_file:
-                w.writerow(CSV_HEADER)
-            w.writerows(rows)
-    @staticmethod
-    def load_matrix():
-        if not os.path.exists(DATA_FILE):
-            return np.empty((0,6))
-        df = pd.read_csv(
-            DATA_FILE,
-            names=CSV_HEADER,
-            skiprows=1,
-            engine="python",
-            on_bad_lines="skip"
-        )
-        feature_cols = CSV_HEADER[1:7]
-        df[feature_cols] = df[feature_cols].apply(pd.to_numeric, errors="coerce").fillna(0)
-        return df[feature_cols].to_numpy()
-class DbFeatureStore:
-    @staticmethod
-    def persist_rows(rows):
-        objs = []
-        for ip,pl,kw,rt,si,bc,t404,label in rows:
-            objs.append(FeatureSample(
-                ip=ip, path_len=pl, kw_hits=kw,
-                resp_time=rt, status_idx=si,
-                burst_count=bc, total_404=t404,
-                label=label
-            ))
-        FeatureSample.objects.bulk_create(objs, ignore_conflicts=True)
-    @staticmethod
-    def load_matrix():
-        qs = FeatureSample.objects.all().values_list(
-            "path_len","kw_hits","resp_time","status_idx","burst_count","total_404"
-        )
-        return np.array(list(qs), dtype=float)
-def get_store():
-    if getattr(settings, "AIWAF_FEATURE_STORE", "csv") == "db":
-        return DbFeatureStore
-    return CsvFeatureStore

aiwaf-0.1.8.5/aiwaf/utils.py DELETED Viewed

@@ -1,50 +0,0 @@
-import os
-import re
-import glob
-import gzip
-from datetime import datetime
-_LOG_RX = re.compile(
-    r'(\d+\.\d+\.\d+\.\d+).*\[(.*?)\].*"(GET|POST) (.*?) HTTP/.*?" (\d{3}).*?"(.*?)" "(.*?)"'
-)
-def get_ip(request):
-    xff = request.META.get("HTTP_X_FORWARDED_FOR", "")
-    if xff:
-        return xff.split(",")[0].strip()
-    return request.META.get("REMOTE_ADDR", "")
-def read_rotated_logs(base_path):
-    lines = []
-    if os.path.exists(base_path):
-        with open(base_path, "r", encoding="utf-8", errors="ignore") as f:
-            lines.extend(f.readlines())
-    for path in sorted(glob.glob(base_path + ".*")):
-        opener = gzip.open if path.endswith(".gz") else open
-        try:
-            with opener(path, "rt", encoding="utf-8", errors="ignore") as f:
-                lines.extend(f.readlines())
-        except OSError:
-            continue
-    return lines
-def parse_log_line(line):
-    m = _LOG_RX.search(line)
-    if not m:
-        return None
-    ip, ts_str, _, path, status, ref, ua = m.groups()
-    try:
-        ts = datetime.strptime(ts_str.split()[0], "%d/%b/%Y:%H:%M:%S")
-    except ValueError:
-        return None
-    rt_m = re.search(r'response-time=(\d+\.\d+)', line)
-    rt = float(rt_m.group(1)) if rt_m else 0.0
-    return {
-        "ip": ip,
-        "timestamp": ts,
-        "path": path,
-        "status": status,
-        "referer": ref,
-        "user_agent": ua,
-        "response_time": rt
-    }