PyPI - flask-Humanify - Versions diffs - 0.2.0__tar.gz → 0.2.2__tar.gz - Mend

flask-Humanify 0.2.0tar.gz → 0.2.2tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (31) hide show

{flask_humanify-0.2.0/flask_Humanify.egg-info → flask_humanify-0.2.2}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: flask-Humanify
-Version: 0.2.0
+Version: 0.2.2
 Summary: Protect against bots and DDoS attacks
 Author-email: TN3W <tn3w@protonmail.com>
 License-Expression: Apache-2.0
@@ -45,7 +45,7 @@ from flask import Flask
 from flask_Humanify import Humanify
 app = Flask(__name__)
-humanify = Humanify(app, challenge_type="one_click", captcha_dataset="ai_dogs")
+humanify = Humanify(app, challenge_type="one_click", image_dataset="ai_dogs")
 # Register the middleware to deny access to bots
 humanify.register_middleware(action="challenge")
@@ -61,6 +61,39 @@ if __name__ == "__main__":
     app.run()
 ```
+### Advanced Protection Rules
+You can customize bot protection with advanced filtering rules:
+```python
+# Protect specific endpoints with regex patterns
+humanify.register_middleware(
+    action="challenge",
+    endpoint_patterns=["api.*", "admin.*"]  # Protect all API and admin endpoints
+)
+# Protect specific URL paths
+humanify.register_middleware(
+    action="deny_access",
+    url_patterns=["/sensitive/*", "/admin/*"]  # Deny bot access to sensitive areas
+)
+# Exclude certain patterns from protection
+humanify.register_middleware(
+    endpoint_patterns=["api.*"],
+    exclude_patterns=["api.public.*"]  # Don't protect public API endpoints
+)
+# Filter by request parameters
+humanify.register_middleware(
+    request_filters={
+        "method": ["POST", "PUT", "DELETE"],  # Only protect write operations
+        "args.admin": "true",                # Only when admin=true query parameter exists
+        "headers.content-type": "regex:application/json.*"  # Match content type with regex
+    }
+)
+```
 Not using the middleware:
 ```python
@@ -96,3 +129,80 @@ Add the extension to your Flask app:
 app = Flask(__name__)
 humanify = Humanify(app)
 ```
+## Additional Features
+### Rate Limiting
+Flask-Humanify includes a rate limiting feature to protect your application from excessive requests:
+```python
+from flask import Flask
+from flask_humanify import Humanify, RateLimiter
+app = Flask(__name__)
+humanify = Humanify(app)
+# Default: 10 requests per 10 seconds
+rate_limiter = RateLimiter(app)
+# Or customize rate limits
+rate_limiter = RateLimiter(app, max_requests=20, time_window=30)
+```
+The rate limiter will automatically:
+- Track requests by IP address
+- Hash IPs for privacy
+- Redirect to a rate-limited page when limits are exceeded
+- Ignore rate limits for special pages like the rate-limited and access-denied pages
+### Error Handling
+Flask-Humanify provides a clean error handling system:
+```python
+from flask import Flask
+from flask_humanify import Humanify, ErrorHandler
+app = Flask(__name__)
+humanify = Humanify(app)
+# Handle all standard HTTP errors
+error_handler = ErrorHandler(app)
+# Or handle only specific error codes
+error_handler = ErrorHandler(app, errors=[404, 429, 500])
+```
+The error handler:
+- Renders user-friendly error pages
+- Uses the custom exception.html template
+- Provides appropriate error messages and descriptions
+- Includes HTTP status codes and titles
+### Complete Example
+Here's a complete example combining all features:
+```python
+from flask import Flask
+from flask_humanify import Humanify, RateLimiter, ErrorHandler
+app = Flask(__name__)
+# Setup core protection
+humanify = Humanify(app, challenge_type="one_click", image_dataset="animals")
+humanify.register_middleware(action="challenge")
+# Add rate limiting
+rate_limiter = RateLimiter(app, max_requests=15, time_window=60)
+# Add error handling
+error_handler = ErrorHandler(app)
+@app.route("/")
+def index():
+    return "Hello, Human!"
+if __name__ == "__main__":
+    app.run(debug=True)
+```

flask_humanify-0.2.2/README.md ADDED Viewed

@@ -0,0 +1,172 @@
+<h1 align="center">flask-Humanify</h1>
+<p align="center">A strong bot protection system for Flask with many features: rate limiting, special rules for users, web crawler detection, and automatic bot detection.</p>
+<p align="center"><a rel="noreferrer noopener" href="https://github.com/tn3w/flask-Humanify"><img alt="Github" src="https://img.shields.io/badge/Github-141e24.svg?&style=for-the-badge&logo=github&logoColor=white"></a>  <a rel="noreferrer noopener" href="https://pypi.org/project/flask-Humanify/"><img alt="PyPI" src="https://img.shields.io/badge/PyPi-141e24.svg?&style=for-the-badge&logo=python&logoColor=white"></a>  <a rel="noreferrer noopener" href="https://libraries.io/pypi/flask-Humanify"><img alt="Libraries.io" src="https://img.shields.io/badge/Libraries.io-141e24.svg?&style=for-the-badge&logo=npm&logoColor=white"></a></p>
+<br>
+```python
+from flask import Flask
+from flask_Humanify import Humanify
+app = Flask(__name__)
+humanify = Humanify(app, challenge_type="one_click", image_dataset="ai_dogs")
+# Register the middleware to deny access to bots
+humanify.register_middleware(action="challenge")
+@app.route("/")
+def index():
+    """
+    A route that is protected against bots and DDoS attacks.
+    """
+    return "Hello, Human!"
+if __name__ == "__main__":
+    app.run()
+```
+### Advanced Protection Rules
+You can customize bot protection with advanced filtering rules:
+```python
+# Protect specific endpoints with regex patterns
+humanify.register_middleware(
+    action="challenge",
+    endpoint_patterns=["api.*", "admin.*"]  # Protect all API and admin endpoints
+)
+# Protect specific URL paths
+humanify.register_middleware(
+    action="deny_access",
+    url_patterns=["/sensitive/*", "/admin/*"]  # Deny bot access to sensitive areas
+)
+# Exclude certain patterns from protection
+humanify.register_middleware(
+    endpoint_patterns=["api.*"],
+    exclude_patterns=["api.public.*"]  # Don't protect public API endpoints
+)
+# Filter by request parameters
+humanify.register_middleware(
+    request_filters={
+        "method": ["POST", "PUT", "DELETE"],  # Only protect write operations
+        "args.admin": "true",                # Only when admin=true query parameter exists
+        "headers.content-type": "regex:application/json.*"  # Match content type with regex
+    }
+)
+```
+Not using the middleware:
+```python
+@app.route("/")
+def index():
+    """
+    A route that is protected against bots and DDoS attacks.
+    """
+    if humanify.is_bot:
+        return humanify.challenge()
+    return "Hello, Human!"
+```
+## Usage
+### Installation
+Install the package with pip:
+```bash
+pip install flask-humanify --upgrade
+```
+Import the extension:
+```python
+from flask_humanify import Humanify
+```
+Add the extension to your Flask app:
+```python
+app = Flask(__name__)
+humanify = Humanify(app)
+```
+## Additional Features
+### Rate Limiting
+Flask-Humanify includes a rate limiting feature to protect your application from excessive requests:
+```python
+from flask import Flask
+from flask_humanify import Humanify, RateLimiter
+app = Flask(__name__)
+humanify = Humanify(app)
+# Default: 10 requests per 10 seconds
+rate_limiter = RateLimiter(app)
+# Or customize rate limits
+rate_limiter = RateLimiter(app, max_requests=20, time_window=30)
+```
+The rate limiter will automatically:
+- Track requests by IP address
+- Hash IPs for privacy
+- Redirect to a rate-limited page when limits are exceeded
+- Ignore rate limits for special pages like the rate-limited and access-denied pages
+### Error Handling
+Flask-Humanify provides a clean error handling system:
+```python
+from flask import Flask
+from flask_humanify import Humanify, ErrorHandler
+app = Flask(__name__)
+humanify = Humanify(app)
+# Handle all standard HTTP errors
+error_handler = ErrorHandler(app)
+# Or handle only specific error codes
+error_handler = ErrorHandler(app, errors=[404, 429, 500])
+```
+The error handler:
+- Renders user-friendly error pages
+- Uses the custom exception.html template
+- Provides appropriate error messages and descriptions
+- Includes HTTP status codes and titles
+### Complete Example
+Here's a complete example combining all features:
+```python
+from flask import Flask
+from flask_humanify import Humanify, RateLimiter, ErrorHandler
+app = Flask(__name__)
+# Setup core protection
+humanify = Humanify(app, challenge_type="one_click", image_dataset="animals")
+humanify.register_middleware(action="challenge")
+# Add rate limiting
+rate_limiter = RateLimiter(app, max_requests=15, time_window=60)
+# Add error handling
+error_handler = ErrorHandler(app)
+@app.route("/")
+def index():
+    return "Hello, Human!"
+if __name__ == "__main__":
+    app.run(debug=True)
+```

{flask_humanify-0.2.0 → flask_humanify-0.2.2/flask_Humanify.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: flask-Humanify
-Version: 0.2.0
+Version: 0.2.2
 Summary: Protect against bots and DDoS attacks
 Author-email: TN3W <tn3w@protonmail.com>
 License-Expression: Apache-2.0
@@ -45,7 +45,7 @@ from flask import Flask
 from flask_Humanify import Humanify
 app = Flask(__name__)
-humanify = Humanify(app, challenge_type="one_click", captcha_dataset="ai_dogs")
+humanify = Humanify(app, challenge_type="one_click", image_dataset="ai_dogs")
 # Register the middleware to deny access to bots
 humanify.register_middleware(action="challenge")
@@ -61,6 +61,39 @@ if __name__ == "__main__":
     app.run()
 ```
+### Advanced Protection Rules
+You can customize bot protection with advanced filtering rules:
+```python
+# Protect specific endpoints with regex patterns
+humanify.register_middleware(
+    action="challenge",
+    endpoint_patterns=["api.*", "admin.*"]  # Protect all API and admin endpoints
+)
+# Protect specific URL paths
+humanify.register_middleware(
+    action="deny_access",
+    url_patterns=["/sensitive/*", "/admin/*"]  # Deny bot access to sensitive areas
+)
+# Exclude certain patterns from protection
+humanify.register_middleware(
+    endpoint_patterns=["api.*"],
+    exclude_patterns=["api.public.*"]  # Don't protect public API endpoints
+)
+# Filter by request parameters
+humanify.register_middleware(
+    request_filters={
+        "method": ["POST", "PUT", "DELETE"],  # Only protect write operations
+        "args.admin": "true",                # Only when admin=true query parameter exists
+        "headers.content-type": "regex:application/json.*"  # Match content type with regex
+    }
+)
+```
 Not using the middleware:
 ```python
@@ -96,3 +129,80 @@ Add the extension to your Flask app:
 app = Flask(__name__)
 humanify = Humanify(app)
 ```
+## Additional Features
+### Rate Limiting
+Flask-Humanify includes a rate limiting feature to protect your application from excessive requests:
+```python
+from flask import Flask
+from flask_humanify import Humanify, RateLimiter
+app = Flask(__name__)
+humanify = Humanify(app)
+# Default: 10 requests per 10 seconds
+rate_limiter = RateLimiter(app)
+# Or customize rate limits
+rate_limiter = RateLimiter(app, max_requests=20, time_window=30)
+```
+The rate limiter will automatically:
+- Track requests by IP address
+- Hash IPs for privacy
+- Redirect to a rate-limited page when limits are exceeded
+- Ignore rate limits for special pages like the rate-limited and access-denied pages
+### Error Handling
+Flask-Humanify provides a clean error handling system:
+```python
+from flask import Flask
+from flask_humanify import Humanify, ErrorHandler
+app = Flask(__name__)
+humanify = Humanify(app)
+# Handle all standard HTTP errors
+error_handler = ErrorHandler(app)
+# Or handle only specific error codes
+error_handler = ErrorHandler(app, errors=[404, 429, 500])
+```
+The error handler:
+- Renders user-friendly error pages
+- Uses the custom exception.html template
+- Provides appropriate error messages and descriptions
+- Includes HTTP status codes and titles
+### Complete Example
+Here's a complete example combining all features:
+```python
+from flask import Flask
+from flask_humanify import Humanify, RateLimiter, ErrorHandler
+app = Flask(__name__)
+# Setup core protection
+humanify = Humanify(app, challenge_type="one_click", image_dataset="animals")
+humanify.register_middleware(action="challenge")
+# Add rate limiting
+rate_limiter = RateLimiter(app, max_requests=15, time_window=60)
+# Add error handling
+error_handler = ErrorHandler(app)
+@app.route("/")
+def index():
+    return "Hello, Human!"
+if __name__ == "__main__":
+    app.run(debug=True)
+```

{flask_humanify-0.2.0 → flask_humanify-0.2.2}/flask_Humanify.egg-info/SOURCES.txt RENAMED Viewed

@@ -11,15 +11,17 @@ flask_Humanify.egg-info/top_level.txt
 flask_humanify/__init__.py
 flask_humanify/humanify.py
 flask_humanify/memory_server.py
-flask_humanify/secret_key.bin
 flask_humanify/utils.py
 flask_humanify/datasets/ai_dogs.pkl
 flask_humanify/datasets/animals.pkl
 flask_humanify/datasets/characters.pkl
 flask_humanify/datasets/ipset.json
+flask_humanify/datasets/keys.pkl
+flask_humanify/features/error_handler.py
 flask_humanify/features/rate_limiter.py
 flask_humanify/templates/access_denied.html
 flask_humanify/templates/audio_challenge.html
+flask_humanify/templates/exception.html
 flask_humanify/templates/grid_challenge.html
 flask_humanify/templates/one_click_challenge.html
 flask_humanify/templates/rate_limited.html

{flask_humanify-0.2.0 → flask_humanify-0.2.2}/flask_humanify/__init__.py RENAMED Viewed

@@ -4,11 +4,12 @@ Flask-Humanify
 A Flask extension that protects against bots and DDoS attacks.
 """
-__version__ = "0.2.0"
+__version__ = "0.2.2"
 from . import utils
 from .humanify import Humanify
 from .features.rate_limiter import RateLimiter
+from .features.error_handler import ErrorHandler
-__all__ = ["Humanify", "RateLimiter", "utils"]
+__all__ = ["Humanify", "RateLimiter", "ErrorHandler", "utils"]

flask_humanify-0.2.2/flask_humanify/datasets/keys.pkl ADDED Viewed

Binary file

flask_humanify-0.2.2/flask_humanify/features/error_handler.py ADDED Viewed

@@ -0,0 +1,177 @@
+from typing import Final, Optional
+from flask import Flask, render_template
+ERROR_CODES: Final[dict] = {
+    400: {
+        "title": "Bad Request",
+        "description": "The server could not understand your request due to invalid syntax.",
+    },
+    401: {
+        "title": "Unauthorized",
+        "description": "You must authenticate yourself to get the requested response.",
+    },
+    403: {
+        "title": "Forbidden",
+        "description": "You do not have access rights to the content.",
+    },
+    404: {
+        "title": "Not Found",
+        "description": "The server cannot find the requested resource.",
+    },
+    405: {
+        "title": "Method Not Allowed",
+        "description": "The request method is known by the server but is not supported by the target resource.",
+    },
+    406: {
+        "title": "Not Acceptable",
+        "description": (
+            "The server cannot produce a response matching the list of acceptable values "
+            "defined in your request's proactive content negotiation headers."
+        ),
+    },
+    408: {
+        "title": "Request Timeout",
+        "description": (
+            "The server did not receive a complete request message from you within the time that "
+            "it was prepared to wait."
+        ),
+    },
+    409: {
+        "title": "Conflict",
+        "description": (
+            "The request could not be completed due to a conflict with the current state of "
+            "the target resource."
+        ),
+    },
+    410: {
+        "title": "Gone",
+        "description": "The requested resource is no longer available and will not be available again.",
+    },
+    411: {
+        "title": "Length Required",
+        "description": "The server refuses to accept the request without a defined Content-Length header.",
+    },
+    412: {
+        "title": "Precondition Failed",
+        "description": (
+            "The server does not meet one of the preconditions that you put on "
+            "the request header fields."
+        ),
+    },
+    413: {
+        "title": "Payload Too Large",
+        "description": "The request entity is larger than limits defined by the server.",
+    },
+    414: {
+        "title": "URI Too Long",
+        "description": "The URI requested by you is longer than the server is willing to interpret.",
+    },
+    415: {
+        "title": "Unsupported Media Type",
+        "description": "The media format of the requested data is not supported by the server.",
+    },
+    416: {
+        "title": "Range Not Satisfiable",
+        "description": "The range specified by the Range header field in your request can't be fulfilled.",
+    },
+    417: {
+        "title": "Expectation Failed",
+        "description": (
+            "The expectation given in your request's Expect header field could not be met by at "
+            "least one of the inbound servers."
+        ),
+    },
+    418: {
+        "title": "I'm a teapot",
+        "description": "The web server rejects the attempt to make coffee with a teapot.",
+    },
+    422: {
+        "title": "Unprocessable Entity",
+        "description": "The request was well-formed but was unable to be followed due to semantic errors.",
+    },
+    423: {
+        "title": "Locked",
+        "description": "The resource that is being accessed is locked.",
+    },
+    424: {
+        "title": "Failed Dependency",
+        "description": "The request failed due to failure of a previous request.",
+    },
+    428: {
+        "title": "Precondition Required",
+        "description": "The origin server requires your request to be conditional.",
+    },
+    429: {
+        "title": "Too Many Requests",
+        "description": "You have sent too many requests in a given amount of time.",
+    },
+    431: {
+        "title": "Request Header Fields Too Large",
+        "description": (
+            "The server is unwilling to process your request because its header "
+            "fields are too large."
+        ),
+    },
+    451: {
+        "title": "Unavailable For Legal Reasons",
+        "description": "The server is denying access to the resource as a consequence of a legal demand.",
+    },
+    500: {
+        "title": "Internal Server Error",
+        "description": "The server has encountered a situation it doesn't know how to handle.",
+    },
+    501: {
+        "title": "Not Implemented",
+        "description": "The request method is not supported by the server and cannot be handled.",
+    },
+    502: {
+        "title": "Bad Gateway",
+        "description": (
+            "The server, while acting as a gateway or proxy, received an invalid response from "
+            "the upstream server."
+        ),
+    },
+    503: {
+        "title": "Service Unavailable",
+        "description": "The server is not ready to handle the request.",
+    },
+    504: {
+        "title": "Gateway Timeout",
+        "description": (
+            "The server is acting as a gateway or proxy and did not receive a timely response "
+            "from the upstream server."
+        ),
+    },
+    505: {
+        "title": "HTTP Version Not Supported",
+        "description": "The HTTP version used in your request is not supported by the server.",
+    },
+}
+class ErrorHandler:
+    def __init__(self, app: Flask, errors: Optional[list[int]] = None):
+        self.app = app
+        for error_code in errors or ERROR_CODES:
+            self.app.register_error_handler(error_code, self.handle_error)
+    def handle_error(self, error: Exception) -> tuple:
+        """Render exception page with appropriate error information."""
+        code = getattr(error, "code", type(error).__name__)
+        info = ERROR_CODES.get(code, {})
+        title = f"{code} | {info.get('title', 'Error')}"
+        message = (
+            info.get("description")
+            or str(error).split(" ", 1)[-1].strip()
+            or "An error occurred"
+        )
+        return render_template("exception.html").replace(
+            "EXCEPTION_TITLE", title
+        ).replace("EXCEPTION_CODE", str(code)).replace(
+            "EXCEPTION_MESSAGE", message
+        ), getattr(
+            error, "code", 500
+        )

{flask_humanify-0.2.0 → flask_humanify-0.2.2}/flask_humanify/humanify.py RENAMED Viewed

@@ -1,7 +1,9 @@
 from dataclasses import dataclass
 import logging
 import random
-from typing import List, Optional
+from typing import List, Optional, Union, Dict, Any, Pattern
+import re
+import fnmatch
 from werkzeug.wrappers import Response
 from flask import (
@@ -46,13 +48,13 @@ IMAGE_CAPTCHA_MAPPING = {
         "num_correct": (2, 3),
         "num_images": 9,
         "preview_image": False,
-        "hardness_range": (1, 4),
+        "hardness_range": (1, 3),
     },
     "one_click": {
         "num_correct": 1,
         "num_images": 6,
         "preview_image": True,
-        "hardness_range": (1, 2),
+        "hardness_range": (1, 3),
     },
 }
@@ -127,11 +129,16 @@ class Humanify:
     """
     def __init__(
-        self, app=None, challenge_type: str = "one_click", captcha_dataset: str = "ai_dogs"
+        self,
+        app=None,
+        challenge_type: str = "one_click",
+        image_dataset: Optional[str] = "ai_dogs",
+        audio_dataset: Optional[str] = None,
     ):
         self.app = app
         self.challenge_type = challenge_type
-        self.captcha_dataset = captcha_dataset
+        self.image_dataset = image_dataset
+        self.audio_dataset = audio_dataset
         if app is not None:
             self.init_app(app)
@@ -142,7 +149,8 @@ class Humanify:
         self.app = app
         ensure_server_running(
-            image_dataset=self.captcha_dataset,
+            image_dataset=self.image_dataset,
+            audio_dataset=self.audio_dataset,
         )
         self.memory_client = MemoryClient()
         self.memory_client.connect()
@@ -162,6 +170,9 @@ class Humanify:
             """
             Challenge route.
             """
+            if self.image_dataset is None:
+                return self._render_challenge(is_audio=True)
             return self._render_challenge()
         @self.blueprint.route("/humanify/audio_challenge", methods=["GET"])
@@ -169,6 +180,11 @@ class Humanify:
             """
             Audio challenge route.
             """
+            if self.audio_dataset is None:
+                return redirect(
+                    url_for("humanify.challenge", return_url=request.full_path)
+                )
             return self._render_challenge(is_audio=True)
         @self.blueprint.route("/humanify/verify", methods=["POST"])
@@ -176,6 +192,9 @@ class Humanify:
             """
             Verify route.
             """
+            if self.image_dataset is None:
+                abort(404)
             return self._verify_captcha()
         @self.blueprint.route("/humanify/verify_audio", methods=["POST"])
@@ -183,6 +202,9 @@ class Humanify:
             """
             Verify audio route.
             """
+            if self.audio_dataset is None:
+                abort(404)
             return self._verify_audio_captcha()
         @self.blueprint.route("/humanify/access_denied", methods=["GET"])
@@ -198,27 +220,168 @@ class Humanify:
                 {"Cache-Control": "public, max-age=15552000"},
             )
-    def register_middleware(self, action: str = "challenge"):
+    def register_middleware(
+        self,
+        action: str = "challenge",
+        endpoint_patterns: Union[str, List[str], None] = None,
+        url_patterns: Union[str, List[str], None] = None,
+        exclude_patterns: Union[str, List[str], None] = None,
+        request_filters: Optional[Dict[str, Any]] = None,
+    ):
         """
-        Register the middleware.
+        Register the middleware with advanced filtering options.
+        Args:
+            action: The action to take when a bot is detected ('challenge' or 'deny_access')
+            endpoint_patterns: Endpoint patterns to match (regex or glob patterns)
+            url_patterns: URL patterns to match (regex or glob patterns)
+            exclude_patterns: Patterns to exclude from protection (regex or glob patterns)
+            request_filters: Dict of request attributes and values to filter by
         """
         self.app = self.app or current_app
+        if isinstance(endpoint_patterns, str):
+            endpoint_patterns = [endpoint_patterns]
+        if isinstance(url_patterns, str):
+            url_patterns = [url_patterns]
+        if isinstance(exclude_patterns, str):
+            exclude_patterns = [exclude_patterns]
+        compiled_endpoint_patterns = (
+            self._compile_patterns(endpoint_patterns) if endpoint_patterns else None
+        )
+        compiled_url_patterns = (
+            self._compile_patterns(url_patterns) if url_patterns else None
+        )
+        compiled_exclude_patterns = (
+            self._compile_patterns(exclude_patterns) if exclude_patterns else None
+        )
         @self.app.before_request
         def before_request():
             """
-            Before request hook.
+            Before request hook with advanced filtering.
             """
             if request.endpoint and request.endpoint.startswith("humanify."):
                 return
-            if self.is_bot:
+            current_endpoint = request.endpoint or ""
+            current_path = request.path
+            if compiled_exclude_patterns and self._matches_any_pattern(
+                current_endpoint, current_path, compiled_exclude_patterns
+            ):
+                return
+            patterns_specified = (
+                compiled_endpoint_patterns is not None
+                or compiled_url_patterns is not None
+            )
+            matches_endpoint = not patterns_specified or (
+                compiled_endpoint_patterns
+                and self._matches_any_pattern(
+                    current_endpoint, None, compiled_endpoint_patterns
+                )
+            )
+            matches_url = not patterns_specified or (
+                compiled_url_patterns
+                and self._matches_any_pattern(None, current_path, compiled_url_patterns)
+            )
+            matches_request_filters = (
+                not request_filters or self._matches_request_filters(request_filters)
+            )
+            if (
+                (matches_endpoint or matches_url)
+                and matches_request_filters
+                and self.is_bot
+            ):
                 if action == "challenge":
                     return self.challenge()
                 if action == "deny_access":
                     return self.deny_access()
+    def _compile_patterns(self, patterns):
+        """
+        Compile a list of patterns into regex patterns.
+        Handles glob patterns like * and ? by converting them to regex.
+        """
+        compiled = []
+        for pattern in patterns:
+            if pattern is None:
+                continue
+            if "*" in pattern or "?" in pattern:
+                regex_pattern = fnmatch.translate(pattern)
+                compiled.append(re.compile(regex_pattern))
+            else:
+                try:
+                    compiled.append(re.compile(pattern))
+                except re.error:
+                    compiled.append(re.compile(re.escape(pattern)))
+        return compiled
+    def _matches_any_pattern(
+        self,
+        endpoint: Optional[str],
+        path: Optional[str],
+        compiled_patterns: List[Pattern],
+    ):
+        """
+        Check if the current endpoint or path matches any of the compiled patterns.
+        """
+        for pattern in compiled_patterns:
+            if endpoint is not None and pattern.search(endpoint):
+                return True
+            if path is not None and pattern.search(path):
+                return True
+        return False
+    def _matches_request_filters(self, request_filters: Dict[str, Any]) -> bool:
+        """
+        Check if the current request matches all the specified filters.
+        Filters can target any attribute of the request object or its nested properties.
+        """
+        for key, value in request_filters.items():
+            parts = key.split(".")
+            obj = request
+            for part in parts[:-1]:
+                if hasattr(obj, part):
+                    obj = getattr(obj, part)
+                elif isinstance(obj, dict) and part in obj:
+                    obj = obj[part]
+                else:
+                    return False
+            final_attr = parts[-1]
+            if hasattr(obj, final_attr):
+                attr_value = getattr(obj, final_attr)
+            elif isinstance(obj, dict) and final_attr in obj:
+                attr_value = obj[final_attr]
+            else:
+                return False
+            if isinstance(value, str) and value.startswith("regex:"):
+                regex_pattern = value[6:]
+                try:
+                    if not re.search(regex_pattern, str(attr_value)):
+                        return False
+                except (re.error, TypeError):
+                    return False
+            elif isinstance(value, list):
+                if attr_value not in value:
+                    return False
+            elif attr_value != value:
+                return False
+        return True
     @property
     def client_ip(self) -> Optional[str]:
         """Get the client IP address."""
@@ -310,7 +473,7 @@ class Humanify:
             num_correct=captcha_config["num_correct"],
             num_images=captcha_config["num_images"],
             preview_image=use_preview_image,
-            dataset_name=self.captcha_dataset,
+            dataset_name=self.image_dataset,
         )
         if not images_bytes:
@@ -319,16 +482,15 @@ class Humanify:
         processed_images = []
         for i, img_bytes in enumerate(images_bytes):
             try:
-                hardness = random.randint(
-                    captcha_config["hardness_range"][0],
-                    captcha_config["hardness_range"][1],
-                )
-                distorted = manipulate_image_bytes(
+                distorted_img_bytes = manipulate_image_bytes(
                     img_bytes,
                     is_small=not (i == 0 and use_preview_image),
-                    hardness=hardness,
+                    hardness=random.randint(
+                        captcha_config["hardness_range"][0],
+                        captcha_config["hardness_range"][1],
+                    ),
                 )
-                processed_images.append(image_bytes_to_data_url(distorted))
+                processed_images.append(image_bytes_to_data_url(distorted_img_bytes))
             except Exception as e:
                 current_app.logger.error(f"Error processing image: {e}")
                 processed_images.append(
@@ -359,7 +521,7 @@ class Humanify:
                 captcha_data=captcha_data,
                 return_url=return_url or "/",
                 error=error,
-                audio_challenge_available=True,
+                audio_challenge_available=self.audio_dataset is not None,
             ),
             mimetype="text/html",
         )
@@ -400,7 +562,7 @@ class Humanify:
                 captcha_data=captcha_data,
                 return_url=return_url or "/",
                 error=error,
-                image_challenge_available=True,
+                image_challenge_available=self.image_dataset is not None,
             ),
             mimetype="text/html",
         )

{flask_humanify-0.2.0 → flask_humanify-0.2.2}/flask_humanify/memory_server.py RENAMED Viewed

@@ -204,7 +204,9 @@ class MemoryServer:
             return False
     def load_captcha_datasets(
-        self, image_dataset: str = "animals", audio_dataset: Optional[str] = None
+        self,
+        image_dataset: Optional[str] = None,
+        audio_dataset: Optional[str] = None,
     ) -> bool:
         """Load captcha datasets into memory."""
         try:
@@ -819,8 +821,8 @@ class MemoryClient:
 def ensure_server_running(
     port: int = 9876,
     data_path: Optional[str] = None,
-    image_dataset: str = "animals",
-    audio_dataset: str = "characters",
+    image_dataset: Optional[str] = None,
+    audio_dataset: Optional[str] = None,
 ) -> None:
     """Ensure that the memory server is running."""
     if data_path is None:

{flask_humanify-0.2.0 → flask_humanify-0.2.2}/flask_humanify/templates/audio_challenge.html RENAMED Viewed

@@ -198,7 +198,9 @@
                 href="{{ url_for('humanify.challenge', return_url=return_url) }}"
             >
                 <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512">
-                    <path d="M96 416q-14 0-23-9t-9-23V128q0-14 9-23t23-9h320q14 0 23 9t9 23v256q0 14-9 23t-23 9zm88-176q20 0 34-14t14-34-14-34-34-14-34 14-14 34 14 34 34 14m216 128v-64l-64-64-96 96-56-57-88 89z"/>
+                    <path
+                        d="M96 416q-14 0-23-9t-9-23V128q0-14 9-23t23-9h320q14 0 23 9t9 23v256q0 14-9 23t-23 9zm88-176q20 0 34-14t14-34-14-34-34-14-34 14-14 34 14 34 34 14m216 128v-64l-64-64-96 96-56-57-88 89z"
+                    />
                 </svg>
                 Image challenge
             </a>

flask_humanify-0.2.2/flask_humanify/templates/exception.html ADDED Viewed

@@ -0,0 +1,66 @@
+<!doctype html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8" />
+        <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+        <title>EXCEPTION_TITLE</title>
+        <style>
+            body {
+                font-family: system-ui, sans-serif;
+                background: #f2f2f2;
+                color: #181818;
+                margin: 0;
+                line-height: 1.5;
+                text-align: center;
+                display: grid;
+                place-items: center;
+                height: 100vh;
+                padding: 0 20px;
+            }
+            @media (prefers-color-scheme: dark) {
+                body {
+                    background: #121212;
+                    color: #f2f2f2;
+                }
+                .btn {
+                    background: #f2f2f2;
+                    color: #121212;
+                }
+            }
+            .content {
+                max-width: 600px;
+            }
+            h1 {
+                font-size: 64px;
+                margin: 15px 0;
+            }
+            p {
+                font-size: 20px;
+                margin: 15px 0;
+                opacity: 0.8;
+            }
+            .btn {
+                display: inline-block;
+                padding: 12px 24px;
+                background: #181818;
+                color: #f2f2f2;
+                border-radius: 6px;
+                text-decoration: none;
+                margin-top: 20px;
+            }
+        </style>
+    </head>
+    <body>
+        <div class="content">
+            <h1>EXCEPTION_CODE</h1>
+            <p>EXCEPTION_MESSAGE</p>
+            <a href="/" class="btn">Back to home</a>
+        </div>
+    </body>
+</html>

{flask_humanify-0.2.0 → flask_humanify-0.2.2}/flask_humanify/utils.py RENAMED Viewed

@@ -251,6 +251,8 @@ def manipulate_image_bytes(
     """Manipulates an image represented by bytes to create a distorted version."""
     # pylint: disable=no-member
+    hardness = min(max(1, hardness), 4)
     img = cv2.imdecode(np.frombuffer(image_data, np.uint8), cv2.IMREAD_COLOR)
     if img is None:
         logger.error("Image data could not be decoded by OpenCV")
@@ -259,25 +261,85 @@ def manipulate_image_bytes(
     size = 100 if is_small else 200
     img = cv2.resize(img, (size, size), interpolation=cv2.INTER_LINEAR)
-    if hardness > 3:
-        num_dots = np.random.randint(20, 100) * (hardness - 3)
-        dot_coords = np.random.randint(0, [size, size], size=(num_dots, 2))
-        colors = np.random.randint(0, 256, size=(num_dots, 3))
+    mask_pattern = np.zeros((size, size, 3), dtype=np.uint8)
+    grid_size = max(8, 16 - hardness * 2)
+    for i in range(0, size, grid_size):
+        thickness = 1
+        cv2.line(mask_pattern, (i, 0), (i, size), (2, 2, 2), thickness)
+        cv2.line(mask_pattern, (0, i), (size, i), (2, 2, 2), thickness)
-        for (x, y), color in zip(dot_coords, colors):
-            img[y, x] = color
+    mask_opacity = min(0.06 + hardness * 0.03, 0.18)
+    img = cv2.addWeighted(img, 1 - mask_opacity, mask_pattern, mask_opacity, 0)
-        num_lines = np.random.randint(20, 100) * (hardness - 3)
-        start_coords = np.random.randint(0, [size, size], size=(num_lines, 2))
-        end_coords = np.random.randint(0, [size, size], size=(num_lines, 2))
-        colors = np.random.randint(0, 256, size=(num_lines, 3))
+    noise_max = max(1, 1 + hardness // 2)
+    noise_pattern = np.random.randint(
+        0, noise_max, size=(size, size, 3), dtype=np.uint8
+    )
+    img = cv2.add(img, noise_pattern)
+    num_dots = np.random.randint(5 + 5 * hardness, 10 + 10 * hardness + 1)
+    dot_coords = np.random.randint(0, [size, size], size=(num_dots, 2))
+    dot_intensity = 0.05 + hardness * 0.05
+    rand_max = max(1, 10 * hardness)
+    colors = np.random.randint(0, rand_max, size=(num_dots, 3)) + np.array(
+        [img[coord[1], coord[0]] for coord in dot_coords]
+    ) * (1 - dot_intensity)
+    colors = np.clip(colors, 0, 255).astype(np.uint8)
+    for (x, y), color in zip(dot_coords, colors):
+        img[y, x] = color
+    num_lines = np.random.randint(2 * hardness, 5 * hardness + 1)
+    start_coords = np.random.randint(0, [size, size], size=(num_lines, 2))
+    end_coords = np.random.randint(0, [size, size], size=(num_lines, 2))
+    line_intensity = max(4, 3 * hardness)
+    colors = np.random.randint(3, line_intensity, size=(num_lines, 3))
+    for (start, end), color in zip(zip(start_coords, end_coords), colors):
+        cv2.line(img, tuple(start), tuple(end), color.tolist(), 1)
+    for _ in range(hardness):
+        x = np.random.randint(0, size)
+        y = np.random.randint(0, size)
+        length = np.random.randint(5 + 3 * hardness, 10 + 5 * hardness + 1)
+        angle = np.random.randint(0, 360)
+        text_max = max(3, 2 + hardness)
+        text_color = np.random.randint(1, text_max, 3).tolist()
+        end_x = int(x + length * np.cos(np.radians(angle)))
+        end_y = int(y + length * np.sin(np.radians(angle)))
+        cv2.line(img, (x, y), (end_x, end_y), text_color, 1)
+    for _ in range(1 + hardness // 2):
+        patch_size = np.random.randint(4 + hardness, 6 + 3 * hardness + 1)
+        x = np.random.randint(0, size - patch_size)
+        y = np.random.randint(0, size - patch_size)
+        patch = np.zeros((patch_size, patch_size, 3), dtype=np.uint8)
+        for i in range(0, patch_size, 2):
+            for j in range(0, patch_size, 2):
+                if (i + j) % 4 == 0:
+                    patch_color_max = max(2, 1 + hardness)
+                    patch[i : i + 2, j : j + 2] = [
+                        np.random.randint(1, patch_color_max)
+                    ] * 3
+        patch_opacity = 0.03 + 0.02 * hardness
+        roi = img[y : y + patch_size, x : x + patch_size]
+        img[y : y + patch_size, x : x + patch_size] = cv2.addWeighted(
+            roi, 1 - patch_opacity, patch, patch_opacity, 0
+        )
-        for (start, end), color in zip(zip(start_coords, end_coords), colors):
-            cv2.line(img, tuple(start), tuple(end), color.tolist(), 1)
+    max_shift = hardness
+    x_shifts = np.random.randint(-max_shift, max_shift + 1, size=(size, size))
+    y_shifts = np.random.randint(-max_shift, max_shift + 1, size=(size, size))
-    max_shift = max(3, hardness + 1)
-    x_shifts = np.random.randint(-max(2, hardness + 4), max_shift, size=(size, size))
-    y_shifts = np.random.randint(-max(1, hardness + 4), max_shift, size=(size, size))
+    saturation_factor = 1 + hardness * 0.05
+    value_factor = 1 - hardness * 0.03
+    blur_factor = hardness * 0.05
     map_x, map_y = np.meshgrid(np.arange(size), np.arange(size))
     map_x = (map_x + x_shifts) % size
@@ -289,14 +351,18 @@ def manipulate_image_bytes(
     shifted_img_hsv = cv2.cvtColor(shifted_img, cv2.COLOR_BGR2HSV)
     shifted_img_hsv[..., 1] = np.clip(
-        shifted_img_hsv[..., 1] * (1 + hardness * 0.12), 0, 255
-    )
-    shifted_img_hsv[..., 2] = np.clip(
-        shifted_img_hsv[..., 2] * (1 - hardness * 0.09), 0, 255
+        shifted_img_hsv[..., 1] * saturation_factor, 0, 255
     )
+    shifted_img_hsv[..., 2] = np.clip(shifted_img_hsv[..., 2] * value_factor, 0, 255)
     shifted_img = cv2.cvtColor(shifted_img_hsv, cv2.COLOR_HSV2BGR)
-    shifted_img = cv2.GaussianBlur(shifted_img, (5, 5), hardness * 0.1)
+    shifted_img = cv2.GaussianBlur(shifted_img, (5, 5), blur_factor)
+    noise_high = max(1, 1 + hardness // 3)
+    high_freq_noise = np.random.randint(
+        0, noise_high, size=shifted_img.shape, dtype=np.uint8
+    )
+    shifted_img = cv2.add(shifted_img, high_freq_noise)
     _, output_bytes = cv2.imencode(".png", shifted_img)
     if not _:

{flask_humanify-0.2.0 → flask_humanify-0.2.2}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "flask-Humanify"
-version = "0.2.0"
+version = "0.2.2"
 description = "Protect against bots and DDoS attacks"
 readme = "README.md"
 authors = [

flask_humanify-0.2.0/README.md DELETED Viewed

@@ -1,62 +0,0 @@
-<h1 align="center">flask-Humanify</h1>
-<p align="center">A strong bot protection system for Flask with many features: rate limiting, special rules for users, web crawler detection, and automatic bot detection.</p>
-<p align="center"><a rel="noreferrer noopener" href="https://github.com/tn3w/flask-Humanify"><img alt="Github" src="https://img.shields.io/badge/Github-141e24.svg?&style=for-the-badge&logo=github&logoColor=white"></a>  <a rel="noreferrer noopener" href="https://pypi.org/project/flask-Humanify/"><img alt="PyPI" src="https://img.shields.io/badge/PyPi-141e24.svg?&style=for-the-badge&logo=python&logoColor=white"></a>  <a rel="noreferrer noopener" href="https://libraries.io/pypi/flask-Humanify"><img alt="Libraries.io" src="https://img.shields.io/badge/Libraries.io-141e24.svg?&style=for-the-badge&logo=npm&logoColor=white"></a></p>
-<br>
-```python
-from flask import Flask
-from flask_Humanify import Humanify
-app = Flask(__name__)
-humanify = Humanify(app, challenge_type="one_click", captcha_dataset="ai_dogs")
-# Register the middleware to deny access to bots
-humanify.register_middleware(action="challenge")
-@app.route("/")
-def index():
-    """
-    A route that is protected against bots and DDoS attacks.
-    """
-    return "Hello, Human!"
-if __name__ == "__main__":
-    app.run()
-```
-Not using the middleware:
-```python
-@app.route("/")
-def index():
-    """
-    A route that is protected against bots and DDoS attacks.
-    """
-    if humanify.is_bot:
-        return humanify.challenge()
-    return "Hello, Human!"
-```
-## Usage
-### Installation
-Install the package with pip:
-```bash
-pip install flask-humanify --upgrade
-```
-Import the extension:
-```python
-from flask_humanify import Humanify
-```
-Add the extension to your Flask app:
-```python
-app = Flask(__name__)
-humanify = Humanify(app)
-```