flask-Humanify 0.2.0__py3-none-any.whl → 0.2.2__py3-none-any.whl

flask_humanify/__init__.py

@@ -4,11 +4,12 @@ Flask-Humanify
 A Flask extension that protects against bots and DDoS attacks.
 """
 
-__version__ = "0.2.0"
+__version__ = "0.2.2"
 
 from . import utils
 from .humanify import Humanify
 from .features.rate_limiter import RateLimiter
+from .features.error_handler import ErrorHandler
 
 
-__all__ = ["Humanify", "RateLimiter", "utils"]
+__all__ = ["Humanify", "RateLimiter", "ErrorHandler", "utils"]

flask_humanify/features/error_handler.py

@@ -0,0 +1,177 @@
+from typing import Final, Optional
+from flask import Flask, render_template
+
+
+ERROR_CODES: Final[dict] = {
+    400: {
+        "title": "Bad Request",
+        "description": "The server could not understand your request due to invalid syntax.",
+    },
+    401: {
+        "title": "Unauthorized",
+        "description": "You must authenticate yourself to get the requested response.",
+    },
+    403: {
+        "title": "Forbidden",
+        "description": "You do not have access rights to the content.",
+    },
+    404: {
+        "title": "Not Found",
+        "description": "The server cannot find the requested resource.",
+    },
+    405: {
+        "title": "Method Not Allowed",
+        "description": "The request method is known by the server but is not supported by the target resource.",
+    },
+    406: {
+        "title": "Not Acceptable",
+        "description": (
+            "The server cannot produce a response matching the list of acceptable values "
+            "defined in your request's proactive content negotiation headers."
+        ),
+    },
+    408: {
+        "title": "Request Timeout",
+        "description": (
+            "The server did not receive a complete request message from you within the time that "
+            "it was prepared to wait."
+        ),
+    },
+    409: {
+        "title": "Conflict",
+        "description": (
+            "The request could not be completed due to a conflict with the current state of "
+            "the target resource."
+        ),
+    },
+    410: {
+        "title": "Gone",
+        "description": "The requested resource is no longer available and will not be available again.",
+    },
+    411: {
+        "title": "Length Required",
+        "description": "The server refuses to accept the request without a defined Content-Length header.",
+    },
+    412: {
+        "title": "Precondition Failed",
+        "description": (
+            "The server does not meet one of the preconditions that you put on "
+            "the request header fields."
+        ),
+    },
+    413: {
+        "title": "Payload Too Large",
+        "description": "The request entity is larger than limits defined by the server.",
+    },
+    414: {
+        "title": "URI Too Long",
+        "description": "The URI requested by you is longer than the server is willing to interpret.",
+    },
+    415: {
+        "title": "Unsupported Media Type",
+        "description": "The media format of the requested data is not supported by the server.",
+    },
+    416: {
+        "title": "Range Not Satisfiable",
+        "description": "The range specified by the Range header field in your request can't be fulfilled.",
+    },
+    417: {
+        "title": "Expectation Failed",
+        "description": (
+            "The expectation given in your request's Expect header field could not be met by at "
+            "least one of the inbound servers."
+        ),
+    },
+    418: {
+        "title": "I'm a teapot",
+        "description": "The web server rejects the attempt to make coffee with a teapot.",
+    },
+    422: {
+        "title": "Unprocessable Entity",
+        "description": "The request was well-formed but was unable to be followed due to semantic errors.",
+    },
+    423: {
+        "title": "Locked",
+        "description": "The resource that is being accessed is locked.",
+    },
+    424: {
+        "title": "Failed Dependency",
+        "description": "The request failed due to failure of a previous request.",
+    },
+    428: {
+        "title": "Precondition Required",
+        "description": "The origin server requires your request to be conditional.",
+    },
+    429: {
+        "title": "Too Many Requests",
+        "description": "You have sent too many requests in a given amount of time.",
+    },
+    431: {
+        "title": "Request Header Fields Too Large",
+        "description": (
+            "The server is unwilling to process your request because its header "
+            "fields are too large."
+        ),
+    },
+    451: {
+        "title": "Unavailable For Legal Reasons",
+        "description": "The server is denying access to the resource as a consequence of a legal demand.",
+    },
+    500: {
+        "title": "Internal Server Error",
+        "description": "The server has encountered a situation it doesn't know how to handle.",
+    },
+    501: {
+        "title": "Not Implemented",
+        "description": "The request method is not supported by the server and cannot be handled.",
+    },
+    502: {
+        "title": "Bad Gateway",
+        "description": (
+            "The server, while acting as a gateway or proxy, received an invalid response from "
+            "the upstream server."
+        ),
+    },
+    503: {
+        "title": "Service Unavailable",
+        "description": "The server is not ready to handle the request.",
+    },
+    504: {
+        "title": "Gateway Timeout",
+        "description": (
+            "The server is acting as a gateway or proxy and did not receive a timely response "
+            "from the upstream server."
+        ),
+    },
+    505: {
+        "title": "HTTP Version Not Supported",
+        "description": "The HTTP version used in your request is not supported by the server.",
+    },
+}
+
+
+class ErrorHandler:
+    def __init__(self, app: Flask, errors: Optional[list[int]] = None):
+        self.app = app
+
+        for error_code in errors or ERROR_CODES:
+            self.app.register_error_handler(error_code, self.handle_error)
+
+    def handle_error(self, error: Exception) -> tuple:
+        """Render exception page with appropriate error information."""
+        code = getattr(error, "code", type(error).__name__)
+        info = ERROR_CODES.get(code, {})
+        title = f"{code} | {info.get('title', 'Error')}"
+        message = (
+            info.get("description")
+            or str(error).split(" ", 1)[-1].strip()
+            or "An error occurred"
+        )
+
+        return render_template("exception.html").replace(
+            "EXCEPTION_TITLE", title
+        ).replace("EXCEPTION_CODE", str(code)).replace(
+            "EXCEPTION_MESSAGE", message
+        ), getattr(
+            error, "code", 500
+        )

flask_humanify/humanify.py

@@ -1,7 +1,9 @@
 from dataclasses import dataclass
 import logging
 import random
-from typing import List, Optional
+from typing import List, Optional, Union, Dict, Any, Pattern
+import re
+import fnmatch
 
 from werkzeug.wrappers import Response
 from flask import (
@@ -46,13 +48,13 @@ IMAGE_CAPTCHA_MAPPING = {
         "num_correct": (2, 3),
         "num_images": 9,
         "preview_image": False,
-        "hardness_range": (1, 4),
+        "hardness_range": (1, 3),
     },
     "one_click": {
         "num_correct": 1,
         "num_images": 6,
         "preview_image": True,
-        "hardness_range": (1, 2),
+        "hardness_range": (1, 3),
     },
 }
 
@@ -127,11 +129,16 @@ class Humanify:
     """
 
     def __init__(
-        self, app=None, challenge_type: str = "one_click", captcha_dataset: str = "ai_dogs"
+        self,
+        app=None,
+        challenge_type: str = "one_click",
+        image_dataset: Optional[str] = "ai_dogs",
+        audio_dataset: Optional[str] = None,
     ):
         self.app = app
         self.challenge_type = challenge_type
-        self.captcha_dataset = captcha_dataset
+        self.image_dataset = image_dataset
+        self.audio_dataset = audio_dataset
         if app is not None:
             self.init_app(app)
 
@@ -142,7 +149,8 @@ class Humanify:
         self.app = app
 
         ensure_server_running(
-            image_dataset=self.captcha_dataset,
+            image_dataset=self.image_dataset,
+            audio_dataset=self.audio_dataset,
         )
         self.memory_client = MemoryClient()
         self.memory_client.connect()
@@ -162,6 +170,9 @@ class Humanify:
             """
             Challenge route.
             """
+            if self.image_dataset is None:
+                return self._render_challenge(is_audio=True)
+
             return self._render_challenge()
 
         @self.blueprint.route("/humanify/audio_challenge", methods=["GET"])
@@ -169,6 +180,11 @@ class Humanify:
             """
             Audio challenge route.
             """
+            if self.audio_dataset is None:
+                return redirect(
+                    url_for("humanify.challenge", return_url=request.full_path)
+                )
+
             return self._render_challenge(is_audio=True)
 
         @self.blueprint.route("/humanify/verify", methods=["POST"])
@@ -176,6 +192,9 @@ class Humanify:
             """
             Verify route.
             """
+            if self.image_dataset is None:
+                abort(404)
+
             return self._verify_captcha()
 
         @self.blueprint.route("/humanify/verify_audio", methods=["POST"])
@@ -183,6 +202,9 @@ class Humanify:
             """
             Verify audio route.
             """
+            if self.audio_dataset is None:
+                abort(404)
+
             return self._verify_audio_captcha()
 
         @self.blueprint.route("/humanify/access_denied", methods=["GET"])
@@ -198,27 +220,168 @@ class Humanify:
                 {"Cache-Control": "public, max-age=15552000"},
             )
 
-    def register_middleware(self, action: str = "challenge"):
+    def register_middleware(
+        self,
+        action: str = "challenge",
+        endpoint_patterns: Union[str, List[str], None] = None,
+        url_patterns: Union[str, List[str], None] = None,
+        exclude_patterns: Union[str, List[str], None] = None,
+        request_filters: Optional[Dict[str, Any]] = None,
+    ):
         """
-        Register the middleware.
+        Register the middleware with advanced filtering options.
+
+        Args:
+            action: The action to take when a bot is detected ('challenge' or 'deny_access')
+            endpoint_patterns: Endpoint patterns to match (regex or glob patterns)
+            url_patterns: URL patterns to match (regex or glob patterns)
+            exclude_patterns: Patterns to exclude from protection (regex or glob patterns)
+            request_filters: Dict of request attributes and values to filter by
         """
-
         self.app = self.app or current_app
 
+        if isinstance(endpoint_patterns, str):
+            endpoint_patterns = [endpoint_patterns]
+        if isinstance(url_patterns, str):
+            url_patterns = [url_patterns]
+        if isinstance(exclude_patterns, str):
+            exclude_patterns = [exclude_patterns]
+
+        compiled_endpoint_patterns = (
+            self._compile_patterns(endpoint_patterns) if endpoint_patterns else None
+        )
+        compiled_url_patterns = (
+            self._compile_patterns(url_patterns) if url_patterns else None
+        )
+        compiled_exclude_patterns = (
+            self._compile_patterns(exclude_patterns) if exclude_patterns else None
+        )
+
         @self.app.before_request
         def before_request():
             """
-            Before request hook.
+            Before request hook with advanced filtering.
             """
             if request.endpoint and request.endpoint.startswith("humanify."):
                 return
 
-            if self.is_bot:
+            current_endpoint = request.endpoint or ""
+            current_path = request.path
+
+            if compiled_exclude_patterns and self._matches_any_pattern(
+                current_endpoint, current_path, compiled_exclude_patterns
+            ):
+                return
+
+            patterns_specified = (
+                compiled_endpoint_patterns is not None
+                or compiled_url_patterns is not None
+            )
+
+            matches_endpoint = not patterns_specified or (
+                compiled_endpoint_patterns
+                and self._matches_any_pattern(
+                    current_endpoint, None, compiled_endpoint_patterns
+                )
+            )
+
+            matches_url = not patterns_specified or (
+                compiled_url_patterns
+                and self._matches_any_pattern(None, current_path, compiled_url_patterns)
+            )
+
+            matches_request_filters = (
+                not request_filters or self._matches_request_filters(request_filters)
+            )
+
+            if (
+                (matches_endpoint or matches_url)
+                and matches_request_filters
+                and self.is_bot
+            ):
                 if action == "challenge":
                     return self.challenge()
                 if action == "deny_access":
                     return self.deny_access()
 
+    def _compile_patterns(self, patterns):
+        """
+        Compile a list of patterns into regex patterns.
+        Handles glob patterns like * and ? by converting them to regex.
+        """
+        compiled = []
+        for pattern in patterns:
+            if pattern is None:
+                continue
+
+            if "*" in pattern or "?" in pattern:
+                regex_pattern = fnmatch.translate(pattern)
+                compiled.append(re.compile(regex_pattern))
+            else:
+                try:
+                    compiled.append(re.compile(pattern))
+                except re.error:
+                    compiled.append(re.compile(re.escape(pattern)))
+
+        return compiled
+
+    def _matches_any_pattern(
+        self,
+        endpoint: Optional[str],
+        path: Optional[str],
+        compiled_patterns: List[Pattern],
+    ):
+        """
+        Check if the current endpoint or path matches any of the compiled patterns.
+        """
+        for pattern in compiled_patterns:
+            if endpoint is not None and pattern.search(endpoint):
+                return True
+            if path is not None and pattern.search(path):
+                return True
+        return False
+
+    def _matches_request_filters(self, request_filters: Dict[str, Any]) -> bool:
+        """
+        Check if the current request matches all the specified filters.
+        Filters can target any attribute of the request object or its nested properties.
+        """
+        for key, value in request_filters.items():
+            parts = key.split(".")
+            obj = request
+
+            for part in parts[:-1]:
+                if hasattr(obj, part):
+                    obj = getattr(obj, part)
+                elif isinstance(obj, dict) and part in obj:
+                    obj = obj[part]
+                else:
+                    return False
+
+            final_attr = parts[-1]
+
+            if hasattr(obj, final_attr):
+                attr_value = getattr(obj, final_attr)
+            elif isinstance(obj, dict) and final_attr in obj:
+                attr_value = obj[final_attr]
+            else:
+                return False
+
+            if isinstance(value, str) and value.startswith("regex:"):
+                regex_pattern = value[6:]
+                try:
+                    if not re.search(regex_pattern, str(attr_value)):
+                        return False
+                except (re.error, TypeError):
+                    return False
+            elif isinstance(value, list):
+                if attr_value not in value:
+                    return False
+            elif attr_value != value:
+                return False
+
+        return True
+
     @property
     def client_ip(self) -> Optional[str]:
         """Get the client IP address."""
@@ -310,7 +473,7 @@ class Humanify:
             num_correct=captcha_config["num_correct"],
             num_images=captcha_config["num_images"],
             preview_image=use_preview_image,
-            dataset_name=self.captcha_dataset,
+            dataset_name=self.image_dataset,
         )
 
         if not images_bytes:
@@ -319,16 +482,15 @@ class Humanify:
         processed_images = []
         for i, img_bytes in enumerate(images_bytes):
             try:
-                hardness = random.randint(
-                    captcha_config["hardness_range"][0],
-                    captcha_config["hardness_range"][1],
-                )
-                distorted = manipulate_image_bytes(
+                distorted_img_bytes = manipulate_image_bytes(
                     img_bytes,
                     is_small=not (i == 0 and use_preview_image),
-                    hardness=hardness,
+                    hardness=random.randint(
+                        captcha_config["hardness_range"][0],
+                        captcha_config["hardness_range"][1],
+                    ),
                 )
-                processed_images.append(image_bytes_to_data_url(distorted))
+                processed_images.append(image_bytes_to_data_url(distorted_img_bytes))
             except Exception as e:
                 current_app.logger.error(f"Error processing image: {e}")
                 processed_images.append(
@@ -359,7 +521,7 @@ class Humanify:
                 captcha_data=captcha_data,
                 return_url=return_url or "/",
                 error=error,
-                audio_challenge_available=True,
+                audio_challenge_available=self.audio_dataset is not None,
             ),
             mimetype="text/html",
         )
@@ -400,7 +562,7 @@ class Humanify:
                 captcha_data=captcha_data,
                 return_url=return_url or "/",
                 error=error,
-                image_challenge_available=True,
+                image_challenge_available=self.image_dataset is not None,
             ),
             mimetype="text/html",
         )

flask_humanify/memory_server.py

@@ -204,7 +204,9 @@ class MemoryServer:
             return False
 
     def load_captcha_datasets(
-        self, image_dataset: str = "animals", audio_dataset: Optional[str] = None
+        self,
+        image_dataset: Optional[str] = None,
+        audio_dataset: Optional[str] = None,
     ) -> bool:
         """Load captcha datasets into memory."""
         try:
@@ -819,8 +821,8 @@ class MemoryClient:
 def ensure_server_running(
     port: int = 9876,
     data_path: Optional[str] = None,
-    image_dataset: str = "animals",
-    audio_dataset: str = "characters",
+    image_dataset: Optional[str] = None,
+    audio_dataset: Optional[str] = None,
 ) -> None:
     """Ensure that the memory server is running."""
     if data_path is None:

flask_humanify/templates/audio_challenge.html

@@ -198,7 +198,9 @@
                 href="{{ url_for('humanify.challenge', return_url=return_url) }}"
             >
                 <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512">
-                    <path d="M96 416q-14 0-23-9t-9-23V128q0-14 9-23t23-9h320q14 0 23 9t9 23v256q0 14-9 23t-23 9zm88-176q20 0 34-14t14-34-14-34-34-14-34 14-14 34 14 34 34 14m216 128v-64l-64-64-96 96-56-57-88 89z"/>
+                    <path
+                        d="M96 416q-14 0-23-9t-9-23V128q0-14 9-23t23-9h320q14 0 23 9t9 23v256q0 14-9 23t-23 9zm88-176q20 0 34-14t14-34-14-34-34-14-34 14-14 34 14 34 34 14m216 128v-64l-64-64-96 96-56-57-88 89z"
+                    />
                 </svg>
                 Image challenge
             </a>

flask_humanify/templates/exception.html

@@ -0,0 +1,66 @@
+<!doctype html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8" />
+        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+        <title>EXCEPTION_TITLE</title>
+        <style>
+            body {
+                font-family: system-ui, sans-serif;
+                background: #f2f2f2;
+                color: #181818;
+                margin: 0;
+                line-height: 1.5;
+                text-align: center;
+                display: grid;
+                place-items: center;
+                height: 100vh;
+                padding: 0 20px;
+            }
+
+            @media (prefers-color-scheme: dark) {
+                body {
+                    background: #121212;
+                    color: #f2f2f2;
+                }
+
+                .btn {
+                    background: #f2f2f2;
+                    color: #121212;
+                }
+            }
+
+            .content {
+                max-width: 600px;
+            }
+
+            h1 {
+                font-size: 64px;
+                margin: 15px 0;
+            }
+
+            p {
+                font-size: 20px;
+                margin: 15px 0;
+                opacity: 0.8;
+            }
+
+            .btn {
+                display: inline-block;
+                padding: 12px 24px;
+                background: #181818;
+                color: #f2f2f2;
+                border-radius: 6px;
+                text-decoration: none;
+                margin-top: 20px;
+            }
+        </style>
+    </head>
+    <body>
+        <div class="content">
+            <h1>EXCEPTION_CODE</h1>
+            <p>EXCEPTION_MESSAGE</p>
+            <a href="/" class="btn">Back to home</a>
+        </div>
+    </body>
+</html>

flask_humanify/utils.py

@@ -251,6 +251,8 @@ def manipulate_image_bytes(
     """Manipulates an image represented by bytes to create a distorted version."""
     # pylint: disable=no-member
 
+    hardness = min(max(1, hardness), 4)
+
     img = cv2.imdecode(np.frombuffer(image_data, np.uint8), cv2.IMREAD_COLOR)
     if img is None:
         logger.error("Image data could not be decoded by OpenCV")
@@ -259,25 +261,85 @@ def manipulate_image_bytes(
     size = 100 if is_small else 200
     img = cv2.resize(img, (size, size), interpolation=cv2.INTER_LINEAR)
 
-    if hardness > 3:
-        num_dots = np.random.randint(20, 100) * (hardness - 3)
-        dot_coords = np.random.randint(0, [size, size], size=(num_dots, 2))
-        colors = np.random.randint(0, 256, size=(num_dots, 3))
+    mask_pattern = np.zeros((size, size, 3), dtype=np.uint8)
+
+    grid_size = max(8, 16 - hardness * 2)
+    for i in range(0, size, grid_size):
+        thickness = 1
+        cv2.line(mask_pattern, (i, 0), (i, size), (2, 2, 2), thickness)
+        cv2.line(mask_pattern, (0, i), (size, i), (2, 2, 2), thickness)
 
-        for (x, y), color in zip(dot_coords, colors):
-            img[y, x] = color
+    mask_opacity = min(0.06 + hardness * 0.03, 0.18)
+    img = cv2.addWeighted(img, 1 - mask_opacity, mask_pattern, mask_opacity, 0)
 
-        num_lines = np.random.randint(20, 100) * (hardness - 3)
-        start_coords = np.random.randint(0, [size, size], size=(num_lines, 2))
-        end_coords = np.random.randint(0, [size, size], size=(num_lines, 2))
-        colors = np.random.randint(0, 256, size=(num_lines, 3))
+    noise_max = max(1, 1 + hardness // 2)
+    noise_pattern = np.random.randint(
+        0, noise_max, size=(size, size, 3), dtype=np.uint8
+    )
+    img = cv2.add(img, noise_pattern)
+
+    num_dots = np.random.randint(5 + 5 * hardness, 10 + 10 * hardness + 1)
+    dot_coords = np.random.randint(0, [size, size], size=(num_dots, 2))
+
+    dot_intensity = 0.05 + hardness * 0.05
+    rand_max = max(1, 10 * hardness)
+    colors = np.random.randint(0, rand_max, size=(num_dots, 3)) + np.array(
+        [img[coord[1], coord[0]] for coord in dot_coords]
+    ) * (1 - dot_intensity)
+    colors = np.clip(colors, 0, 255).astype(np.uint8)
+
+    for (x, y), color in zip(dot_coords, colors):
+        img[y, x] = color
+
+    num_lines = np.random.randint(2 * hardness, 5 * hardness + 1)
+    start_coords = np.random.randint(0, [size, size], size=(num_lines, 2))
+    end_coords = np.random.randint(0, [size, size], size=(num_lines, 2))
+
+    line_intensity = max(4, 3 * hardness)
+    colors = np.random.randint(3, line_intensity, size=(num_lines, 3))
+
+    for (start, end), color in zip(zip(start_coords, end_coords), colors):
+        cv2.line(img, tuple(start), tuple(end), color.tolist(), 1)
+
+    for _ in range(hardness):
+        x = np.random.randint(0, size)
+        y = np.random.randint(0, size)
+        length = np.random.randint(5 + 3 * hardness, 10 + 5 * hardness + 1)
+        angle = np.random.randint(0, 360)
+        text_max = max(3, 2 + hardness)
+        text_color = np.random.randint(1, text_max, 3).tolist()
+
+        end_x = int(x + length * np.cos(np.radians(angle)))
+        end_y = int(y + length * np.sin(np.radians(angle)))
+        cv2.line(img, (x, y), (end_x, end_y), text_color, 1)
+
+    for _ in range(1 + hardness // 2):
+        patch_size = np.random.randint(4 + hardness, 6 + 3 * hardness + 1)
+        x = np.random.randint(0, size - patch_size)
+        y = np.random.randint(0, size - patch_size)
+
+        patch = np.zeros((patch_size, patch_size, 3), dtype=np.uint8)
+        for i in range(0, patch_size, 2):
+            for j in range(0, patch_size, 2):
+                if (i + j) % 4 == 0:
+                    patch_color_max = max(2, 1 + hardness)
+                    patch[i : i + 2, j : j + 2] = [
+                        np.random.randint(1, patch_color_max)
+                    ] * 3
+
+        patch_opacity = 0.03 + 0.02 * hardness
+        roi = img[y : y + patch_size, x : x + patch_size]
+        img[y : y + patch_size, x : x + patch_size] = cv2.addWeighted(
+            roi, 1 - patch_opacity, patch, patch_opacity, 0
+        )
 
-        for (start, end), color in zip(zip(start_coords, end_coords), colors):
-            cv2.line(img, tuple(start), tuple(end), color.tolist(), 1)
+    max_shift = hardness
+    x_shifts = np.random.randint(-max_shift, max_shift + 1, size=(size, size))
+    y_shifts = np.random.randint(-max_shift, max_shift + 1, size=(size, size))
 
-    max_shift = max(3, hardness + 1)
-    x_shifts = np.random.randint(-max(2, hardness + 4), max_shift, size=(size, size))
-    y_shifts = np.random.randint(-max(1, hardness + 4), max_shift, size=(size, size))
+    saturation_factor = 1 + hardness * 0.05
+    value_factor = 1 - hardness * 0.03
+    blur_factor = hardness * 0.05
 
     map_x, map_y = np.meshgrid(np.arange(size), np.arange(size))
     map_x = (map_x + x_shifts) % size
@@ -289,14 +351,18 @@ def manipulate_image_bytes(
     shifted_img_hsv = cv2.cvtColor(shifted_img, cv2.COLOR_BGR2HSV)
 
     shifted_img_hsv[..., 1] = np.clip(
-        shifted_img_hsv[..., 1] * (1 + hardness * 0.12), 0, 255
-    )
-    shifted_img_hsv[..., 2] = np.clip(
-        shifted_img_hsv[..., 2] * (1 - hardness * 0.09), 0, 255
+        shifted_img_hsv[..., 1] * saturation_factor, 0, 255
     )
+    shifted_img_hsv[..., 2] = np.clip(shifted_img_hsv[..., 2] * value_factor, 0, 255)
 
     shifted_img = cv2.cvtColor(shifted_img_hsv, cv2.COLOR_HSV2BGR)
-    shifted_img = cv2.GaussianBlur(shifted_img, (5, 5), hardness * 0.1)
+    shifted_img = cv2.GaussianBlur(shifted_img, (5, 5), blur_factor)
+
+    noise_high = max(1, 1 + hardness // 3)
+    high_freq_noise = np.random.randint(
+        0, noise_high, size=shifted_img.shape, dtype=np.uint8
+    )
+    shifted_img = cv2.add(shifted_img, high_freq_noise)
 
     _, output_bytes = cv2.imencode(".png", shifted_img)
     if not _:

{flask_humanify-0.2.0.dist-info → flask_humanify-0.2.2.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: flask-Humanify
-Version: 0.2.0
+Version: 0.2.2
 Summary: Protect against bots and DDoS attacks
 Author-email: TN3W <tn3w@protonmail.com>
 License-Expression: Apache-2.0
@@ -45,7 +45,7 @@ from flask import Flask
 from flask_Humanify import Humanify
 
 app = Flask(__name__)
-humanify = Humanify(app, challenge_type="one_click", captcha_dataset="ai_dogs")
+humanify = Humanify(app, challenge_type="one_click", image_dataset="ai_dogs")
 
 # Register the middleware to deny access to bots
 humanify.register_middleware(action="challenge")
@@ -61,6 +61,39 @@ if __name__ == "__main__":
     app.run()
 ```
 
+### Advanced Protection Rules
+
+You can customize bot protection with advanced filtering rules:
+
+```python
+# Protect specific endpoints with regex patterns
+humanify.register_middleware(
+    action="challenge",
+    endpoint_patterns=["api.*", "admin.*"]  # Protect all API and admin endpoints
+)
+
+# Protect specific URL paths
+humanify.register_middleware(
+    action="deny_access",
+    url_patterns=["/sensitive/*", "/admin/*"]  # Deny bot access to sensitive areas
+)
+
+# Exclude certain patterns from protection
+humanify.register_middleware(
+    endpoint_patterns=["api.*"],
+    exclude_patterns=["api.public.*"]  # Don't protect public API endpoints
+)
+
+# Filter by request parameters
+humanify.register_middleware(
+    request_filters={
+        "method": ["POST", "PUT", "DELETE"],  # Only protect write operations
+        "args.admin": "true",                # Only when admin=true query parameter exists
+        "headers.content-type": "regex:application/json.*"  # Match content type with regex
+    }
+)
+```
+
 Not using the middleware:
 
 ```python
@@ -96,3 +129,80 @@ Add the extension to your Flask app:
 app = Flask(__name__)
 humanify = Humanify(app)
 ```
+
+## Additional Features
+
+### Rate Limiting
+
+Flask-Humanify includes a rate limiting feature to protect your application from excessive requests:
+
+```python
+from flask import Flask
+from flask_humanify import Humanify, RateLimiter
+
+app = Flask(__name__)
+humanify = Humanify(app)
+# Default: 10 requests per 10 seconds
+rate_limiter = RateLimiter(app)
+
+# Or customize rate limits
+rate_limiter = RateLimiter(app, max_requests=20, time_window=30)
+```
+
+The rate limiter will automatically:
+
+- Track requests by IP address
+- Hash IPs for privacy
+- Redirect to a rate-limited page when limits are exceeded
+- Ignore rate limits for special pages like the rate-limited and access-denied pages
+
+### Error Handling
+
+Flask-Humanify provides a clean error handling system:
+
+```python
+from flask import Flask
+from flask_humanify import Humanify, ErrorHandler
+
+app = Flask(__name__)
+humanify = Humanify(app)
+# Handle all standard HTTP errors
+error_handler = ErrorHandler(app)
+
+# Or handle only specific error codes
+error_handler = ErrorHandler(app, errors=[404, 429, 500])
+```
+
+The error handler:
+
+- Renders user-friendly error pages
+- Uses the custom exception.html template
+- Provides appropriate error messages and descriptions
+- Includes HTTP status codes and titles
+
+### Complete Example
+
+Here's a complete example combining all features:
+
+```python
+from flask import Flask
+from flask_humanify import Humanify, RateLimiter, ErrorHandler
+
+app = Flask(__name__)
+# Setup core protection
+humanify = Humanify(app, challenge_type="one_click", image_dataset="animals")
+humanify.register_middleware(action="challenge")
+
+# Add rate limiting
+rate_limiter = RateLimiter(app, max_requests=15, time_window=60)
+
+# Add error handling
+error_handler = ErrorHandler(app)
+
+@app.route("/")
+def index():
+    return "Hello, Human!"
+
+if __name__ == "__main__":
+    app.run(debug=True)
+```

flask_humanify-0.2.2.dist-info/RECORD

@@ -0,0 +1,22 @@
+flask_humanify/__init__.py,sha256=rvTDStRFUl6sFNVgm7NKEA3fkH2gP7osDl3IuUy-SNU,334
+flask_humanify/humanify.py,sha256=C-HhqWfvENMyOjU2LJ8aUW0npLm2LavuiTcvAf_LTCM,22179
+flask_humanify/memory_server.py,sha256=NlGYrHuH6S7Ei7I5gc78aYvZvEq6bUz-lgLhuiCXTEM,30339
+flask_humanify/utils.py,sha256=mG8oZL6U52yDWOlE3umqf5NNuwKB-LnhMjr_xdpQcAo,18581
+flask_humanify/datasets/ai_dogs.pkl,sha256=ODznMPafM3d4ZNM2MPqEdX21nh53CZhsLornWc1IZPc,24645910
+flask_humanify/datasets/animals.pkl,sha256=zhOY-J3h18ZMBE5D9q_ujQc7ZW1WRNcuYfM4J2P1huM,10323365
+flask_humanify/datasets/characters.pkl,sha256=tEbGnbi5S9Y2Us9arVghdV43luqOAiGTQMLiU2bka6U,12756114
+flask_humanify/datasets/ipset.json,sha256=YNPqwI109lYkfvZeOPsoDH_dKJxOCs0G2nvx_s2mvqU,30601191
+flask_humanify/datasets/keys.pkl,sha256=sYzgJ5SP5SluWwyatFnWc-hj8rzwaOEOMVLJOw4VZik,32763786
+flask_humanify/features/error_handler.py,sha256=bLOyaS6jtkLyxf7RviXD5fVrJ7fBAd9I8Zt2Q1m54n8,6123
+flask_humanify/features/rate_limiter.py,sha256=QMIwfEllTDup6jxckEbE83PlJZeLw-0SvyxPqzXJYzU,2204
+flask_humanify/templates/access_denied.html,sha256=p8ea_9gvv83aYFHaVKKedmQr6M8Z7NyHJK_OT3jdTOs,3169
+flask_humanify/templates/audio_challenge.html,sha256=Tvs7mTah59n4I-w5N8ABcW8AMPN8zAAcFYZUXBm6NH0,6442
+flask_humanify/templates/exception.html,sha256=OcAuyoBQ5wLMQvFAVi2LS7gcDsLmCpkuHCBQoh_eGTg,1711
+flask_humanify/templates/grid_challenge.html,sha256=cToubxQvI7bJ-BKS9wceIvsAmp6h2EGYLhgyRr6pFxU,7179
+flask_humanify/templates/one_click_challenge.html,sha256=21WOkYWrW48GXpVPBMPrEJ7Iq5JawkrXKUyUUfxWmTc,5996
+flask_humanify/templates/rate_limited.html,sha256=Bv98MoetuSJGpWkDaQfhl7JwcWJiGaG2gwqxvSphaTM,3114
+flask_humanify-0.2.2.dist-info/licenses/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
+flask_humanify-0.2.2.dist-info/METADATA,sha256=5Mrphy_GSkMiJVc7ZEdkiO2_-eVILQ1plCWlxI7bO0E,6092
+flask_humanify-0.2.2.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
+flask_humanify-0.2.2.dist-info/top_level.txt,sha256=9-c6uhxwCpPE3BJYge1Y9Z_bYmWitI0fY5RgqMiFWr0,15
+flask_humanify-0.2.2.dist-info/RECORD,,

flask_humanify-0.2.0.dist-info/RECORD

@@ -1,20 +0,0 @@
-flask_humanify/__init__.py,sha256=m00B4jvNt8wDtNtodyHv1GKDxW3CdblFpVE1Bea0-7g,269
-flask_humanify/humanify.py,sha256=YZFndaMwC24VtddrH5_SX7Lx995QKZGehv49kDK181w,16252
-flask_humanify/memory_server.py,sha256=pmW1MjFYaLVizjzL_9YuDTc2T-3XkkdKLK9QPfmQ-4U,30310
-flask_humanify/secret_key.bin,sha256=5e9HXg-A5HtFRVYv4zA1rkSQAP03RcnwdCpnA_98_8Q,32
-flask_humanify/utils.py,sha256=jWAQDZmH356VBRnfSgPloQbqkNj6bbRjIOXNRUAPUyk,16016
-flask_humanify/datasets/ai_dogs.pkl,sha256=ODznMPafM3d4ZNM2MPqEdX21nh53CZhsLornWc1IZPc,24645910
-flask_humanify/datasets/animals.pkl,sha256=zhOY-J3h18ZMBE5D9q_ujQc7ZW1WRNcuYfM4J2P1huM,10323365
-flask_humanify/datasets/characters.pkl,sha256=tEbGnbi5S9Y2Us9arVghdV43luqOAiGTQMLiU2bka6U,12756114
-flask_humanify/datasets/ipset.json,sha256=YNPqwI109lYkfvZeOPsoDH_dKJxOCs0G2nvx_s2mvqU,30601191
-flask_humanify/features/rate_limiter.py,sha256=QMIwfEllTDup6jxckEbE83PlJZeLw-0SvyxPqzXJYzU,2204
-flask_humanify/templates/access_denied.html,sha256=p8ea_9gvv83aYFHaVKKedmQr6M8Z7NyHJK_OT3jdTOs,3169
-flask_humanify/templates/audio_challenge.html,sha256=1QR-EQs3CJleT64jWxAreJG-RIUHuQox-jXswOCemXg,6397
-flask_humanify/templates/grid_challenge.html,sha256=cToubxQvI7bJ-BKS9wceIvsAmp6h2EGYLhgyRr6pFxU,7179
-flask_humanify/templates/one_click_challenge.html,sha256=21WOkYWrW48GXpVPBMPrEJ7Iq5JawkrXKUyUUfxWmTc,5996
-flask_humanify/templates/rate_limited.html,sha256=Bv98MoetuSJGpWkDaQfhl7JwcWJiGaG2gwqxvSphaTM,3114
-flask_humanify-0.2.0.dist-info/licenses/LICENSE,sha256=OXLcl0T2SZ8Pmy2_dmlvKuetivmyPd5m1q-Gyd-zaYY,35149
-flask_humanify-0.2.0.dist-info/METADATA,sha256=ah_0kX60dPqLsJF6LreSX85_YgbdxjTL7_gGNHRupPI,3233
-flask_humanify-0.2.0.dist-info/WHEEL,sha256=_zCd3N1l69ArxyTb8rzEoP9TpbYXkqRFSNOD5OuxnTs,91
-flask_humanify-0.2.0.dist-info/top_level.txt,sha256=9-c6uhxwCpPE3BJYge1Y9Z_bYmWitI0fY5RgqMiFWr0,15
-flask_humanify-0.2.0.dist-info/RECORD,,