Update app.py

app.py

@@ -6,7 +6,6 @@ import threading
 import requests
 from datetime import datetime, timezone
 from typing import Dict, Optional, Tuple
-from collections import defaultdict
 
 import gradio as gr
 from huggingface_hub import HfApi
@@ -38,9 +37,13 @@ _cache = {
 }
 CACHE_TTL_SEC = 10.0
 
-# Request tracking to identify suspicious patterns
-_request_tracker = defaultdict(list)  # {ip: [timestamps]}
+# Request log buffer and cache
 _request_log_buffer = []  # Buffer logs before writing to avoid too many uploads
+_request_log_cache = {
+    "ts": 0.0,
+    "data": None,  # Cached parsed log data
+}
+REQUEST_LOG_CACHE_TTL_SEC = 30.0  # Cache log for 30 seconds
 
 # -------------------------
 # Helpers
@@ -180,37 +183,73 @@ def _flush_request_log():
         )
 
         _request_log_buffer.clear()
+
+        # Invalidate cache so next check gets fresh data
+        _request_log_cache["ts"] = 0.0
     except Exception as e:
         print(f"Warning: Failed to flush request log: {e}")
 
+def _get_recent_requests_from_log(ip_address: str) -> list:
+    """Get recent requests for an IP from the log file (with caching)"""
+    now_time = time.time()
+    now_dt = datetime.now(timezone.utc)
+
+    # Check cache
+    if (_request_log_cache["data"] is not None and
+        (now_time - _request_log_cache["ts"] < REQUEST_LOG_CACHE_TTL_SEC)):
+        log_data = _request_log_cache["data"]
+    else:
+        # Download and parse log
+        try:
+            log_csv = _download_csv(DATASET_REPO_ID, REQUEST_LOG_PATH)
+            reader = csv.DictReader(io.StringIO(log_csv))
+            log_data = list(reader)
+
+            # Update cache
+            _request_log_cache["data"] = log_data
+            _request_log_cache["ts"] = now_time
+        except Exception:
+            # If log doesn't exist or there's an error, return empty list
+            return []
+
+    # Filter for this IP and recent requests
+    recent_timestamps = []
+    for row in log_data:
+        if row.get('ip_address') == ip_address:
+            try:
+                timestamp = datetime.fromisoformat(row['timestamp'])
+                age_seconds = (now_dt - timestamp).total_seconds()
+
+                # Only consider requests from the last hour
+                if age_seconds < 3600:
+                    recent_timestamps.append(age_seconds)
+            except (ValueError, KeyError):
+                continue
+
+    return recent_timestamps
+
 def _check_suspicious_activity(ip_address: str, order_number: str) -> list:
     """Check for suspicious patterns and return list of flags"""
     flags = []
-    now = time.time()
-
-    # Track requests from this IP
-    _request_tracker[ip_address].append(now)
 
-    # Clean old entries (older than 1 hour)
-    _request_tracker[ip_address] = [
-        ts for ts in _request_tracker[ip_address]
-        if now - ts < 3600
-    ]
+    # Get recent requests from the persistent log
+    recent_request_ages = _get_recent_requests_from_log(ip_address)
 
-    recent_requests = _request_tracker[ip_address]
+    # Count current request
+    total_requests = len(recent_request_ages) + 1
 
     # Flag: More than 20 requests in the last hour
-    if len(recent_requests) > 20:
+    if total_requests > 20:
         flags.append("HIGH_FREQUENCY")
 
     # Flag: More than 5 requests in the last minute
-    last_minute = [ts for ts in recent_requests if now - ts < 60]
-    if len(last_minute) > 5:
+    last_minute = sum(1 for age in recent_request_ages if age < 60) + 1
+    if last_minute > 5:
         flags.append("RAPID_REQUESTS")
 
     # Flag: More than 10 requests in the last 5 minutes
-    last_5_min = [ts for ts in recent_requests if now - ts < 300]
-    if len(last_5_min) > 10:
+    last_5_min = sum(1 for age in recent_request_ages if age < 300) + 1
+    if last_5_min > 10:
         flags.append("BURST_PATTERN")
 
     return flags
@@ -364,3 +403,4 @@ with gr.Blocks(title="API") as demo:
 
 demo.queue()
 demo.launch()
+