Enhance blacklist check with PhishTank and implement robust logging system

app.py

@@ -5,20 +5,25 @@ from fastapi.staticfiles import StaticFiles
 from fastapi.responses import FileResponse
 from contextlib import asynccontextmanager
 
+from config.logging import get_logger
 from storage.db import init_db
 from scheduler.runner import start_scheduler
 from api.routes import router
 from config.settings import HOST, PORT
 
+logger = get_logger("main")
 
 @asynccontextmanager
 async def lifespan(app: FastAPI):
     # Startup
+    logger.info("Starting WebGuard application...")
     init_db()
     start_scheduler()
     os.makedirs("screenshots", exist_ok=True)
     os.makedirs("recordings", exist_ok=True)
+    logger.info("WebGuard startup complete.")
     yield
+    logger.info("Shutting down WebGuard...")
     # Shutdown (nothing needed)
 
 

checkers/blacklist_check.py

@@ -1,7 +1,9 @@
 import httpx
 import json
 from config.settings import GOOGLE_API_KEY
+from config.logging import get_logger
 
+logger = get_logger("checkers.blacklist")
 
 KNOWN_BLACKLISTS = [
     "https://raw.githubusercontent.com/nickspaargaren/no-google/master/categories/malware.txt",
@@ -9,14 +11,34 @@ KNOWN_BLACKLISTS = [
 
 
 async def run(url: str) -> dict:
+    logger.info(f"Running blacklist check for: {url}")
     if not url.startswith("http"):
         url = "https://" + url
 
     results = {}
 
+    # ── PhishTank (Open Source / Community) ──────────────────────────────────
+    try:
+        logger.debug("Checking PhishTank...")
+        async with httpx.AsyncClient(timeout=10) as client:
+            # Note: This is a simplified check. Real usage might need an API key for higher limits.
+            p_res = await client.post("https://checkurl.phishtank.com/checkurl/", data={"url": url, "format": "json"})
+            if p_res.status_code == 200:
+                p_data = p_res.json()
+                in_database = p_data.get("results", {}).get("in_database", False)
+                results["phishtank"] = {
+                    "status": "error" if in_database else "ok",
+                    "in_database": in_database,
+                    "note": "Verified Phish detected" if in_database else "Not found in PhishTank",
+                }
+    except Exception as e:
+        logger.error(f"PhishTank check failed: {e}")
+        results["phishtank"] = {"status": "info", "error": str(e)}
+
     # ── Google Safe Browsing ─────────────────────────────────────────────────
     if GOOGLE_API_KEY:
         try:
+            logger.debug("Checking Google Safe Browsing...")
             payload = {
                 "client": {"clientId": "webguard", "clientVersion": "1.0"},
                 "threatInfo": {
@@ -39,6 +61,7 @@ async def run(url: str) -> dict:
                     "note": "Threats detected!" if matches else "Clean",
                 }
         except Exception as e:
+            logger.error(f"Google Safe Browsing failed: {e}")
             results["google_safe_browsing"] = {"status": "info", "error": str(e)}
     else:
         results["google_safe_browsing"] = {

config/logging.py

@@ -0,0 +1,28 @@
+import logging
+import sys
+import os
+
+# Create a custom logger
+logger = logging.getLogger("webguard")
+logger.setLevel(logging.DEBUG)
+
+# Create handlers
+c_handler = logging.StreamHandler(sys.stdout)
+f_handler = logging.FileHandler("webguard.log", encoding="utf-8")
+
+c_handler.setLevel(logging.INFO)
+f_handler.setLevel(logging.DEBUG)
+
+# Create formatters and add it to handlers
+c_format = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s')
+f_format = logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - [%(filename)s:%(lineno)d] - %(message)s')
+
+c_handler.setFormatter(c_format)
+f_handler.setFormatter(f_format)
+
+# Add handlers to the logger
+logger.addHandler(c_handler)
+logger.addHandler(f_handler)
+
+def get_logger(module_name):
+    return logging.getLogger(f"webguard.{module_name}")