aiwaf 0.1.9.0.3__tar.gz → 0.1.9.0.5__tar.gz

{aiwaf-0.1.9.0.3 → aiwaf-0.1.9.0.5}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aiwaf
-Version: 0.1.9.0.3
+Version: 0.1.9.0.5
 Summary: AI-powered Web Application Firewall
 Home-page: https://github.com/aayushgauba/aiwaf
 Author: Aayush Gauba

{aiwaf-0.1.9.0.3 → aiwaf-0.1.9.0.5}/aiwaf/__init__.py

@@ -1,6 +1,6 @@
 default_app_config = "aiwaf.apps.AiwafConfig"
 
-__version__ = "0.1.9.0.3"
+__version__ = "0.1.9.0.5"
 
 # Note: Middleware classes are available from aiwaf.middleware
 # Import them only when needed to avoid circular imports during Django app loading

aiwaf-0.1.9.0.5/aiwaf/blacklist_manager.py

@@ -0,0 +1,37 @@
+# aiwaf/blacklist_manager.py
+
+from .storage import get_blacklist_store, get_exemption_store
+
+class BlacklistManager:
+    @staticmethod
+    def block(ip, reason):
+        """Add IP to blacklist, but only if it's not exempted"""
+        # Check if IP is exempted before blocking
+        exemption_store = get_exemption_store()
+        if exemption_store.is_exempted(ip):
+            return  # Don't block exempted IPs
+        
+        store = get_blacklist_store()
+        store.add_ip(ip, reason)
+
+    @staticmethod
+    def is_blocked(ip):
+        """Check if IP is blocked, but respect exemptions"""
+        # First check if IP is exempted - exemptions override blacklist
+        exemption_store = get_exemption_store()
+        if exemption_store.is_exempted(ip):
+            return False  # Exempted IPs are never considered blocked
+        
+        # If not exempted, check blacklist
+        store = get_blacklist_store()
+        return store.is_blocked(ip)
+
+    @staticmethod
+    def all_blocked():
+        store = get_blacklist_store()
+        return store.get_all()
+    
+    @staticmethod
+    def unblock(ip):
+        store = get_blacklist_store()
+        store.remove_ip(ip)

aiwaf-0.1.9.0.5/aiwaf/management/commands/debug_csv.py

@@ -0,0 +1,155 @@
+from django.core.management.base import BaseCommand
+import os
+import csv
+
+class Command(BaseCommand):
+    help = 'Debug and fix AI-WAF CSV functionality'
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            '--test-ip',
+            type=str,
+            help='Test IP address to add to exemption list',
+            default='127.0.0.1'
+        )
+        parser.add_argument(
+            '--fix',
+            action='store_true',
+            help='Attempt to fix identified issues',
+        )
+
+    def handle(self, *args, **options):
+        self.stdout.write(self.style.HTTP_INFO("🔍 AI-WAF CSV Debug & Fix"))
+        self.stdout.write("")
+        
+        # Check storage mode
+        from django.conf import settings
+        storage_mode = getattr(settings, 'AIWAF_STORAGE_MODE', 'models')
+        csv_dir = getattr(settings, 'AIWAF_CSV_DATA_DIR', 'aiwaf_data')
+        
+        self.stdout.write(f"Storage Mode: {storage_mode}")
+        self.stdout.write(f"CSV Directory: {csv_dir}")
+        self.stdout.write("")
+        
+        # Check middleware logging
+        middleware_logging = getattr(settings, 'AIWAF_MIDDLEWARE_LOGGING', False)
+        middleware_log = getattr(settings, 'AIWAF_MIDDLEWARE_LOG', 'aiwaf_requests.log')
+        
+        self.stdout.write(f"Middleware Logging: {middleware_logging}")
+        self.stdout.write(f"Middleware Log File: {middleware_log}")
+        self.stdout.write("")
+        
+        # Check if CSV directory exists
+        if os.path.exists(csv_dir):
+            self.stdout.write(self.style.SUCCESS(f"✅ CSV directory exists: {csv_dir}"))
+        else:
+            self.stdout.write(self.style.ERROR(f"❌ CSV directory missing: {csv_dir}"))
+            if options['fix']:
+                os.makedirs(csv_dir, exist_ok=True)
+                self.stdout.write(self.style.SUCCESS(f"✅ Created CSV directory: {csv_dir}"))
+        
+        # Check CSV files
+        csv_files = ['blacklist.csv', 'exemptions.csv', 'keywords.csv']
+        for filename in csv_files:
+            filepath = os.path.join(csv_dir, filename)
+            if os.path.exists(filepath):
+                # Count entries
+                try:
+                    with open(filepath, 'r', newline='', encoding='utf-8') as f:
+                        reader = csv.reader(f)
+                        rows = list(reader)
+                        entry_count = len(rows) - 1 if rows else 0  # Subtract header
+                        self.stdout.write(self.style.SUCCESS(f"✅ {filename}: {entry_count} entries"))
+                except Exception as e:
+                    self.stdout.write(self.style.ERROR(f"❌ {filename}: Error reading - {e}"))
+            else:
+                self.stdout.write(self.style.WARNING(f"⚠️  {filename}: Not found"))
+        
+        self.stdout.write("")
+        
+        # Test storage functionality
+        self.stdout.write(self.style.HTTP_INFO("🧪 Testing Storage Functions"))
+        
+        try:
+            from aiwaf.storage import get_exemption_store, get_blacklist_store, get_keyword_store
+            
+            # Test exemption store
+            exemption_store = get_exemption_store()
+            self.stdout.write(f"Exemption Store: {exemption_store.__name__}")
+            
+            # Test blacklist store
+            blacklist_store = get_blacklist_store()
+            self.stdout.write(f"Blacklist Store: {blacklist_store.__name__}")
+            
+            # Test keyword store
+            keyword_store = get_keyword_store()
+            self.stdout.write(f"Keyword Store: {keyword_store.__name__}")
+            
+        except Exception as e:
+            self.stdout.write(self.style.ERROR(f"❌ Storage import failed: {e}"))
+            return
+        
+        self.stdout.write("")
+        
+        # Test exemption functionality
+        test_ip = options['test_ip']
+        self.stdout.write(f"🧪 Testing exemption with IP: {test_ip}")
+        
+        try:
+            # Check if already exempted
+            is_exempted_before = exemption_store.is_exempted(test_ip)
+            self.stdout.write(f"Before: IP {test_ip} exempted = {is_exempted_before}")
+            
+            # Add to exemption
+            exemption_store.add_ip(test_ip, "Test exemption from debug command")
+            self.stdout.write(f"✅ Added {test_ip} to exemption list")
+            
+            # Check if now exempted
+            is_exempted_after = exemption_store.is_exempted(test_ip)
+            self.stdout.write(f"After: IP {test_ip} exempted = {is_exempted_after}")
+            
+            if is_exempted_after:
+                self.stdout.write(self.style.SUCCESS("✅ Exemption functionality working!"))
+            else:
+                self.stdout.write(self.style.ERROR("❌ Exemption functionality not working!"))
+                
+            # List all exemptions
+            all_exemptions = exemption_store.get_all()
+            self.stdout.write(f"Total exemptions: {len(all_exemptions)}")
+            
+            for exemption in all_exemptions:
+                self.stdout.write(f"  - {exemption.get('ip_address', exemption)}")
+                
+        except Exception as e:
+            self.stdout.write(self.style.ERROR(f"❌ Exemption test failed: {e}"))
+        
+        self.stdout.write("")
+        
+        # Check middleware logger file
+        csv_log_file = middleware_log.replace('.log', '.csv')
+        if os.path.exists(csv_log_file):
+            try:
+                with open(csv_log_file, 'r', newline='', encoding='utf-8') as f:
+                    reader = csv.reader(f)
+                    rows = list(reader)
+                    entry_count = len(rows) - 1 if rows else 0
+                    self.stdout.write(self.style.SUCCESS(f"✅ Middleware CSV log: {entry_count} entries"))
+            except Exception as e:
+                self.stdout.write(self.style.ERROR(f"❌ Middleware CSV log error: {e}"))
+        else:
+            self.stdout.write(self.style.WARNING(f"⚠️  Middleware CSV log not found: {csv_log_file}"))
+            self.stdout.write("   Make some requests to generate log entries")
+        
+        # Recommendations
+        self.stdout.write("")
+        self.stdout.write(self.style.HTTP_INFO("💡 Recommendations:"))
+        
+        if storage_mode != 'csv':
+            self.stdout.write("1. Set AIWAF_STORAGE_MODE = 'csv' in settings.py")
+            
+        if not middleware_logging:
+            self.stdout.write("2. Set AIWAF_MIDDLEWARE_LOGGING = True in settings.py")
+            
+        self.stdout.write("3. Add AIWAFLoggerMiddleware to MIDDLEWARE in settings.py")
+        self.stdout.write("4. Make some requests to generate log data")
+        self.stdout.write("5. Run 'python manage.py detect_and_train' to train with data")

aiwaf-0.1.9.0.5/aiwaf/management/commands/test_exemption.py

@@ -0,0 +1,120 @@
+from django.core.management.base import BaseCommand
+import os
+
+class Command(BaseCommand):
+    help = 'Test AI-WAF exemption functionality step by step'
+
+    def add_arguments(self, parser):
+        parser.add_argument(
+            'test_ip',
+            type=str,
+            help='IP address to test exemption for'
+        )
+
+    def handle(self, *args, **options):
+        test_ip = options['test_ip']
+        
+        self.stdout.write(self.style.HTTP_INFO(f"🧪 Testing Exemption for IP: {test_ip}"))
+        self.stdout.write("=" * 50)
+        
+        # Step 1: Check settings
+        from django.conf import settings
+        storage_mode = getattr(settings, 'AIWAF_STORAGE_MODE', 'models')
+        csv_dir = getattr(settings, 'AIWAF_CSV_DATA_DIR', 'aiwaf_data')
+        
+        self.stdout.write(f"Storage Mode: {storage_mode}")
+        self.stdout.write(f"CSV Directory: {csv_dir}")
+        self.stdout.write("")
+        
+        # Step 2: Check storage factory
+        try:
+            from aiwaf.storage import get_exemption_store, EXEMPTION_CSV, CSV_DATA_DIR, STORAGE_MODE
+            exemption_store = get_exemption_store()
+            
+            self.stdout.write(f"Exemption Store Class: {exemption_store.__name__}")
+            self.stdout.write(f"Expected CSV File: {EXEMPTION_CSV}")
+            self.stdout.write(f"CSV Directory: {CSV_DATA_DIR}")
+            self.stdout.write(f"Storage Mode from storage.py: {STORAGE_MODE}")
+            self.stdout.write("")
+            
+        except Exception as e:
+            self.stdout.write(self.style.ERROR(f"❌ Storage import failed: {e}"))
+            return
+        
+        # Step 3: Check file existence
+        if os.path.exists(EXEMPTION_CSV):
+            self.stdout.write(self.style.SUCCESS(f"✅ Exemption CSV exists: {EXEMPTION_CSV}"))
+            
+            # Read and display file contents
+            try:
+                with open(EXEMPTION_CSV, 'r', encoding='utf-8') as f:
+                    content = f.read().strip()
+                    if content:
+                        self.stdout.write(f"📄 File contents:\n{content}")
+                        self.stdout.write("")
+                    else:
+                        self.stdout.write("📄 File is empty")
+                        
+            except Exception as e:
+                self.stdout.write(self.style.ERROR(f"❌ Could not read file: {e}"))
+        else:
+            self.stdout.write(self.style.ERROR(f"❌ Exemption CSV not found: {EXEMPTION_CSV}"))
+            self.stdout.write("Creating test exemption...")
+            
+            # Create the exemption
+            try:
+                exemption_store.add_ip(test_ip, "Test exemption from debug")
+                self.stdout.write(self.style.SUCCESS("✅ Created test exemption"))
+            except Exception as e:
+                self.stdout.write(self.style.ERROR(f"❌ Failed to create exemption: {e}"))
+                return
+        
+        # Step 4: Test exemption check via storage
+        try:
+            is_exempted_storage = exemption_store.is_exempted(test_ip)
+            self.stdout.write(f"Direct storage check: {test_ip} exempted = {is_exempted_storage}")
+        except Exception as e:
+            self.stdout.write(self.style.ERROR(f"❌ Storage exemption check failed: {e}"))
+        
+        # Step 5: Test exemption check via utils function
+        try:
+            from aiwaf.utils import is_ip_exempted
+            is_exempted_utils = is_ip_exempted(test_ip)
+            self.stdout.write(f"Utils function check: {test_ip} exempted = {is_exempted_utils}")
+        except Exception as e:
+            self.stdout.write(self.style.ERROR(f"❌ Utils exemption check failed: {e}"))
+        
+        # Step 6: Test middleware import
+        try:
+            from aiwaf.middleware import IPAndKeywordBlockMiddleware
+            self.stdout.write("✅ Middleware import successful")
+        except Exception as e:
+            self.stdout.write(self.style.ERROR(f"❌ Middleware import failed: {e}"))
+        
+        # Step 7: Test CSV reading manually
+        if os.path.exists(EXEMPTION_CSV):
+            try:
+                import csv
+                self.stdout.write("\n📋 Manual CSV parsing:")
+                with open(EXEMPTION_CSV, 'r', newline='', encoding='utf-8') as f:
+                    reader = csv.DictReader(f)
+                    found = False
+                    for i, row in enumerate(reader):
+                        ip_in_row = row.get('ip_address', 'N/A')
+                        self.stdout.write(f"  Row {i}: ip_address = '{ip_in_row}'")
+                        if ip_in_row == test_ip:
+                            found = True
+                            self.stdout.write(f"  ✅ Found match for {test_ip}")
+                    
+                    if not found:
+                        self.stdout.write(f"  ❌ No match found for {test_ip}")
+                        
+            except Exception as e:
+                self.stdout.write(self.style.ERROR(f"❌ Manual CSV parsing failed: {e}"))
+        
+        self.stdout.write("")
+        self.stdout.write(self.style.HTTP_INFO("💡 Debugging Tips:"))
+        self.stdout.write("1. Check that AIWAF_STORAGE_MODE = 'csv' in settings.py")
+        self.stdout.write("2. Ensure the CSV file has proper headers: ip_address,reason,created_at")
+        self.stdout.write("3. Check file permissions on the CSV directory")
+        self.stdout.write("4. Verify no trailing/leading spaces in IP addresses")

aiwaf-0.1.9.0.5/aiwaf/management/commands/test_exemption_fix.py

@@ -0,0 +1,54 @@
+#!/usr/bin/env python3
+
+from django.core.management.base import BaseCommand
+from aiwaf.blacklist_manager import BlacklistManager
+from aiwaf.storage import get_exemption_store
+
+class Command(BaseCommand):
+    help = 'Test that exempted IPs are properly honored by BlacklistManager'
+
+    def add_arguments(self, parser):
+        parser.add_argument('--ip', default='97.187.30.95', help='IP address to test')
+
+    def handle(self, *args, **options):
+        test_ip = options['ip']
+        
+        self.stdout.write(f"\n=== Testing Exemption Fix for IP: {test_ip} ===")
+        
+        # Check exemption store
+        exemption_store = get_exemption_store()
+        is_exempted = exemption_store.is_exempted(test_ip)
+        self.stdout.write(f"1. Is IP exempted in storage? {is_exempted}")
+        
+        # Test BlacklistManager.block() - should not block exempted IPs
+        self.stdout.write(f"\n2. Testing BlacklistManager.block() on exempted IP...")
+        BlacklistManager.block(test_ip, "Test block attempt")
+        
+        # Check if actually blocked
+        is_blocked = BlacklistManager.is_blocked(test_ip)
+        self.stdout.write(f"3. Is IP blocked after block attempt? {is_blocked}")
+        
+        if is_exempted and not is_blocked:
+            self.stdout.write(self.style.SUCCESS("✅ PASS: Exempted IP was NOT blocked"))
+        elif is_exempted and is_blocked:
+            self.stdout.write(self.style.ERROR("❌ FAIL: Exempted IP was blocked (this should not happen)"))
+        elif not is_exempted:
+            self.stdout.write(self.style.WARNING("⚠️  IP is not exempted, blocking behavior is normal"))
+        
+        # Test with a non-exempted IP to verify blocking still works
+        test_non_exempted = "1.2.3.4"
+        self.stdout.write(f"\n4. Testing with non-exempted IP: {test_non_exempted}")
+        
+        is_exempted_2 = exemption_store.is_exempted(test_non_exempted)
+        self.stdout.write(f"   Is non-exempted IP exempted? {is_exempted_2}")
+        
+        BlacklistManager.block(test_non_exempted, "Test block non-exempted")
+        is_blocked_2 = BlacklistManager.is_blocked(test_non_exempted)
+        self.stdout.write(f"   Is non-exempted IP blocked? {is_blocked_2}")
+        
+        if not is_exempted_2 and is_blocked_2:
+            self.stdout.write(self.style.SUCCESS("✅ PASS: Non-exempted IP was properly blocked"))
+        else:
+            self.stdout.write(self.style.ERROR("❌ FAIL: Non-exempted IP blocking failed"))
+        
+        self.stdout.write(f"\n=== Test Complete ===")

{aiwaf-0.1.9.0.3 → aiwaf-0.1.9.0.5}/aiwaf/middleware.py

@@ -107,8 +107,8 @@ class IPAndKeywordBlockMiddleware:
             return self.get_response(request)
         ip = get_ip(request)
         path = raw_path.lstrip("/")
-        if is_ip_exempted(ip):
-            return self.get_response(request)
+        
+        # BlacklistManager now handles exemption checking internally
         if BlacklistManager.is_blocked(ip):
             return JsonResponse({"error": "blocked"}, status=403)
         
@@ -126,8 +126,10 @@ class IPAndKeywordBlockMiddleware:
         }
         for seg in segments:
             if seg in suspicious_kw:
-                if not is_ip_exempted(ip):
-                    BlacklistManager.block(ip, f"Keyword block: {seg}")
+                # BlacklistManager.block() now checks exemptions internally
+                BlacklistManager.block(ip, f"Keyword block: {seg}")
+                # Check again after blocking attempt (exempted IPs won't be blocked)
+                if BlacklistManager.is_blocked(ip):
                     return JsonResponse({"error": "blocked"}, status=403)
         return self.get_response(request)
 
@@ -152,8 +154,10 @@ class RateLimitMiddleware:
         timestamps.append(now)
         cache.set(key, timestamps, timeout=self.WINDOW)
         if len(timestamps) > self.FLOOD:
-            if not is_ip_exempted(ip):
-                BlacklistManager.block(ip, "Flood pattern")
+            # BlacklistManager.block() now checks exemptions internally
+            BlacklistManager.block(ip, "Flood pattern")
+            # Check if actually blocked (exempted IPs won't be blocked)
+            if BlacklistManager.is_blocked(ip):
                 return JsonResponse({"error": "blocked"}, status=403)
         if len(timestamps) > self.MAX:
             return JsonResponse({"error": "too_many_requests"}, status=429)
@@ -174,8 +178,7 @@ class AIAnomalyMiddleware(MiddlewareMixin):
             return None
         request._start_time = time.time()
         ip = get_ip(request)
-        if is_ip_exempted(ip):
-            return None
+        # BlacklistManager now handles exemption checking internally
         if BlacklistManager.is_blocked(ip):
             return JsonResponse({"error": "blocked"}, status=403)
         return None
@@ -203,8 +206,10 @@ class AIAnomalyMiddleware(MiddlewareMixin):
         
         # Only use AI model if it's available
         if self.model is not None and self.model.predict(X)[0] == -1:
-            if not is_ip_exempted(ip):
-                BlacklistManager.block(ip, "AI anomaly")
+            # BlacklistManager.block() now checks exemptions internally
+            BlacklistManager.block(ip, "AI anomaly")
+            # Check if actually blocked (exempted IPs won't be blocked)
+            if BlacklistManager.is_blocked(ip):
                 return JsonResponse({"error": "blocked"}, status=403)
 
         data.append((now, request.path, response.status_code, resp_time))
@@ -227,8 +232,7 @@ class HoneypotTimingMiddleware(MiddlewareMixin):
             return None
             
         ip = get_ip(request)
-        if is_ip_exempted(ip):
-            return None
+        # BlacklistManager now handles exemption checking internally
             
         if request.method == "GET":
             # Store timestamp for this IP's GET request  
@@ -245,8 +249,11 @@ class HoneypotTimingMiddleware(MiddlewareMixin):
                 if not any(request.path.lower().startswith(login_path) for login_path in [
                     "/admin/login/", "/login/", "/accounts/login/", "/auth/login/", "/signin/"
                 ]):
+                    # BlacklistManager.block() now checks exemptions internally
                     BlacklistManager.block(ip, "Direct POST without GET")
-                    return JsonResponse({"error": "blocked"}, status=403)
+                    # Check if actually blocked (exempted IPs won't be blocked)
+                    if BlacklistManager.is_blocked(ip):
+                        return JsonResponse({"error": "blocked"}, status=403)
             else:
                 # Check timing - be more lenient for login paths
                 time_diff = time.time() - get_time
@@ -259,8 +266,11 @@ class HoneypotTimingMiddleware(MiddlewareMixin):
                     min_time = 0.1  # Very short threshold for login forms
                 
                 if time_diff < min_time:
+                    # BlacklistManager.block() now checks exemptions internally
                     BlacklistManager.block(ip, f"Form submitted too quickly ({time_diff:.2f}s)")
-                    return JsonResponse({"error": "blocked"}, status=403)
+                    # Check if actually blocked (exempted IPs won't be blocked)
+                    if BlacklistManager.is_blocked(ip):
+                        return JsonResponse({"error": "blocked"}, status=403)
         
         return None
 
@@ -284,6 +294,8 @@ class UUIDTamperMiddleware(MiddlewareMixin):
                 except (ValueError, TypeError):
                     continue
 
-        if not is_ip_exempted(ip):
-            BlacklistManager.block(ip, "UUID tampering")
+        # BlacklistManager.block() now checks exemptions internally
+        BlacklistManager.block(ip, "UUID tampering")
+        # Check if actually blocked (exempted IPs won't be blocked)
+        if BlacklistManager.is_blocked(ip):
             return JsonResponse({"error": "blocked"}, status=403)

{aiwaf-0.1.9.0.3 → aiwaf-0.1.9.0.5}/aiwaf/middleware_logger.py

@@ -28,7 +28,11 @@ class AIWAFLoggerMiddleware(MiddlewareMixin):
     def _ensure_csv_header(self):
         """Ensure CSV file has proper header row"""
         if not os.path.exists(self.csv_file):
-            os.makedirs(os.path.dirname(self.csv_file), exist_ok=True) if os.path.dirname(self.csv_file) else None
+            # Create directory if it doesn't exist
+            csv_dir = os.path.dirname(self.csv_file)
+            if csv_dir and not os.path.exists(csv_dir):
+                os.makedirs(csv_dir, exist_ok=True)
+            
             with open(self.csv_file, 'w', newline='', encoding='utf-8') as f:
                 writer = csv.writer(f)
                 writer.writerow([
@@ -73,6 +77,11 @@ class AIWAFLoggerMiddleware(MiddlewareMixin):
     def _log_to_csv(self, data):
         """Write log entry to CSV file"""
         try:
+            # Ensure directory exists before writing
+            csv_dir = os.path.dirname(self.csv_file)
+            if csv_dir and not os.path.exists(csv_dir):
+                os.makedirs(csv_dir, exist_ok=True)
+                
             with open(self.csv_file, 'a', newline='', encoding='utf-8') as f:
                 writer = csv.writer(f)
                 writer.writerow([

{aiwaf-0.1.9.0.3 → aiwaf-0.1.9.0.5}/aiwaf/storage.py

@@ -167,28 +167,50 @@ class CsvExemptionStore:
     @staticmethod
     def add_ip(ip_address, reason=""):
         ensure_csv_directory()
-        # Check if IP already exists
+        
+        # Check if IP already exists to avoid duplicates
         if CsvExemptionStore.is_exempted(ip_address):
             return
         
         # Add new entry
         new_file = not os.path.exists(EXEMPTION_CSV)
-        with open(EXEMPTION_CSV, "a", newline="", encoding="utf-8") as f:
-            writer = csv.writer(f)
-            if new_file:
-                writer.writerow(["ip_address", "reason", "created_at"])
-            writer.writerow([ip_address, reason, timezone.now().isoformat()])
+        try:
+            with open(EXEMPTION_CSV, "a", newline="", encoding="utf-8") as f:
+                writer = csv.writer(f)
+                if new_file:
+                    writer.writerow(["ip_address", "reason", "created_at"])
+                writer.writerow([ip_address, reason, timezone.now().isoformat()])
+        except Exception as e:
+            print(f"Error writing to exemption CSV: {e}")
+            print(f"File path: {EXEMPTION_CSV}")
+            print(f"Directory exists: {os.path.exists(CSV_DATA_DIR)}")
+            raise
     
     @staticmethod
     def is_exempted(ip_address):
         if not os.path.exists(EXEMPTION_CSV):
+            # Debug: Let user know file doesn't exist
+            if getattr(settings, 'DEBUG', False):
+                print(f"DEBUG: Exemption CSV not found: {EXEMPTION_CSV}")
             return False
         
-        with open(EXEMPTION_CSV, "r", newline="", encoding="utf-8") as f:
-            reader = csv.DictReader(f)
-            for row in reader:
-                if row["ip_address"] == ip_address:
-                    return True
+        try:
+            with open(EXEMPTION_CSV, "r", newline="", encoding="utf-8") as f:
+                reader = csv.DictReader(f)
+                for row_num, row in enumerate(reader):
+                    stored_ip = row.get("ip_address", "").strip()
+                    if getattr(settings, 'DEBUG', False) and row_num < 5:  # Show first 5 for debug
+                        print(f"DEBUG: Row {row_num}: comparing '{stored_ip}' with '{ip_address}'")
+                    if stored_ip == ip_address:
+                        if getattr(settings, 'DEBUG', False):
+                            print(f"DEBUG: Found exemption match for {ip_address}")
+                        return True
+        except Exception as e:
+            print(f"Error reading exemption CSV: {e}")
+            return False
+        
+        if getattr(settings, 'DEBUG', False):
+            print(f"DEBUG: No exemption found for {ip_address}")
         return False
     
     @staticmethod
@@ -298,12 +320,22 @@ def get_blacklist_store():
 
 def get_exemption_store():
     """Return appropriate exemption storage class based on settings"""
+    if getattr(settings, 'DEBUG', False):
+        print(f"DEBUG: Storage mode = {STORAGE_MODE}, CSV mode = {STORAGE_MODE == 'csv'}")
+    
     if STORAGE_MODE == "csv":
+        if getattr(settings, 'DEBUG', False):
+            print("DEBUG: Using CsvExemptionStore")
         return CsvExemptionStore
     else:
+        _import_models()
         if IPExemption is not None:
+            if getattr(settings, 'DEBUG', False):
+                print("DEBUG: Using ModelExemptionStore")
             return ModelExemptionStore
         else:
+            if getattr(settings, 'DEBUG', False):
+                print("DEBUG: Falling back to CsvExemptionStore (models not available)")
             return CsvExemptionStore
 
 

{aiwaf-0.1.9.0.3 → aiwaf-0.1.9.0.5}/aiwaf.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aiwaf
-Version: 0.1.9.0.3
+Version: 0.1.9.0.5
 Summary: AI-powered Web Application Firewall
 Home-page: https://github.com/aayushgauba/aiwaf
 Author: Aayush Gauba

{aiwaf-0.1.9.0.3 → aiwaf-0.1.9.0.5}/aiwaf.egg-info/SOURCES.txt

@@ -23,8 +23,11 @@ aiwaf/management/commands/add_ipexemption.py
 aiwaf/management/commands/aiwaf_diagnose.py
 aiwaf/management/commands/aiwaf_logging.py
 aiwaf/management/commands/aiwaf_reset.py
+aiwaf/management/commands/debug_csv.py
 aiwaf/management/commands/detect_and_train.py
 aiwaf/management/commands/regenerate_model.py
+aiwaf/management/commands/test_exemption.py
+aiwaf/management/commands/test_exemption_fix.py
 aiwaf/resources/model.pkl
 aiwaf/templatetags/__init__.py
 aiwaf/templatetags/aiwaf_tags.py

{aiwaf-0.1.9.0.3 → aiwaf-0.1.9.0.5}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "aiwaf"
-version = "0.1.9.0.3"
+version = "0.1.9.0.5"
 description = "AI-powered Web Application Firewall"
 readme = "README.md"
 requires-python = ">=3.8"

{aiwaf-0.1.9.0.3 → aiwaf-0.1.9.0.5}/setup.py

@@ -9,7 +9,7 @@ long_description = (HERE / "README.md").read_text(encoding="utf-8")
 
 setup(
     name="aiwaf",
-    version="0.1.9.0.3",
+    version="0.1.9.0.5",
     description="AI‑driven, self‑learning Web Application Firewall for Django",
     long_description=long_description,
     long_description_content_type="text/markdown",

aiwaf-0.1.9.0.3/aiwaf/blacklist_manager.py

@@ -1,24 +0,0 @@
-# aiwaf/blacklist_manager.py
-
-from .storage import get_blacklist_store
-
-class BlacklistManager:
-    @staticmethod
-    def block(ip, reason):
-        store = get_blacklist_store()
-        store.add_ip(ip, reason)
-
-    @staticmethod
-    def is_blocked(ip):
-        store = get_blacklist_store()
-        return store.is_blocked(ip)
-
-    @staticmethod
-    def all_blocked():
-        store = get_blacklist_store()
-        return store.get_all()
-    
-    @staticmethod
-    def unblock(ip):
-        store = get_blacklist_store()
-        store.remove_ip(ip)