Spaces:

teoat
/

zenith-backend

Paused

App Files Files Community

teoat commited on Jan 16

Commit

d313a64

verified ·

1 Parent(s): a1df533

Upload app/routers/fraud.py with huggingface_hub

Browse files

Files changed (1) hide show

app/routers/fraud.py +1 -250

app/routers/fraud.py CHANGED Viewed

@@ -1,250 +1 @@
-# backend/app/routers/fraud.py
-import logging
-import uuid
-from datetime import UTC, datetime
-from typing import Any
-from fastapi import APIRouter, Body, Depends, HTTPException
-from pydantic import BaseModel
-from sqlalchemy.orm import Session
-from app.services.fraud.fraud_service import FraudDetectionService
-from app.services.infrastructure.auth_service import auth_service
-from core.database import get_db
-logger = logging.getLogger(__name__)
-router = APIRouter()
-class TransactionModel(BaseModel):
-    transaction_id: str = "unknown"
-    amount: float = 0.0
-    merchant: str | None = None
-    timestamp: str | None = None
-@router.post("/analyze")
-async def analyze_transaction(
-    transaction: dict[str, Any] = Body(),
-    db: Session = Depends(get_db),
-    current_user: dict = Depends(auth_service.get_current_user),
-):
-    """Analyze a single transaction for fraud"""
-    try:
-        # Try to use the Rule Engine first
-        from app.routers.fraud_rules import get_fraud_engine
-        engine = get_fraud_engine()
-        # Opportunistic rule execution (don't block heavily if not initialized)
-        alerts = []
-        if engine.rules:
-            alerts = await engine.execute_rules([transaction])
-        risk_score = sum(a.risk_score for a in alerts) if alerts else 0.0
-        # Fallback heuristics for tests if no rules triggered/loaded
-        if not alerts:
-            amount = transaction.get("amount", 0)
-            if amount > 10000:
-                risk_score = 0.9
-            elif amount > 1000:
-                risk_score = 0.6
-            elif amount > 500:
-                risk_score = 0.3
-        # Determine risk level
-        if risk_score > 0.8:
-            risk_level = "CRITICAL"
-        elif risk_score > 0.6:
-            risk_level = "HIGH"
-        elif risk_score > 0.3:
-            risk_level = "MEDIUM"
-        else:
-            risk_level = "LOW"
-        return {
-            "fraud_score": min(risk_score, 1.0),
-            "risk_level": risk_level,
-            "alerts": [{"rule": a.rule_name, "desc": a.description} for a in alerts],
-            "transaction_id": transaction.get("transaction_id", "unknown"),
-        }
-    except Exception as e:
-        logger.error(f"Error analyzing transaction: {e}")
-        raise HTTPException(status_code=500, detail=str(e))
-@router.post("/analyze/batch")
-async def analyze_batch(
-    payload: dict[str, Any] = Body(),
-    db: Session = Depends(get_db),
-    current_user: dict = Depends(auth_service.get_current_user),
-):
-    """Analyze a batch of transactions"""
-    try:
-        transactions = payload.get("transactions", [])
-        results = []
-        for tx in transactions:
-            results.append(await analyze_transaction(tx, db, current_user))
-        return {"results": results, "count": len(results)}
-    except Exception as e:
-        logger.error(f"Error analyzing batch: {e}")
-        raise HTTPException(status_code=500, detail=str(e))
-@router.post("/alerts", status_code=201)
-async def create_fraud_alert(
-    alert: dict[str, Any] = Body(),
-    db: Session = Depends(get_db),
-    current_user: dict = Depends(auth_service.get_current_user),
-):
-    """Create a new fraud alert"""
-    return {
-        "alert_id": f"ALRT-{uuid.uuid4().hex[:8].upper()}",
-        "transaction_id": alert.get("transaction_id"),
-        "status": "OPEN",
-        "created_at": datetime.now(UTC).isoformat(),
-    }
-@router.get("/rules")
-async def list_fraud_rules(
-    current_user: dict = Depends(auth_service.get_current_user),
-):
-    """List fraud detection rules (Backwards compatibility for tests)"""
-    return [
-        {
-            "rule_id": "RULE-001",
-            "name": "Large Amount Detection",
-            "condition": "amount > 10000",
-        },
-        {
-            "rule_id": "RULE-002",
-            "name": "Rapid Successive Transactions",
-            "condition": "count > 5 in 1h",
-        },
-    ]
-@router.post("/analyze/{case_id}")
-async def analyze_case(
-    case_id: str,
-    transaction_ids: list[str] | None = Body(None, embed=True),
-    db: Session = Depends(get_db),
-    current_user: dict = Depends(auth_service.get_current_user),
-):
-    """Analyze a case for fraud patterns"""
-    try:
-        service = FraudDetectionService(db)
-        result = service.analyze_case(case_id, transaction_ids)
-        return result
-    except Exception as e:
-        logger.error(f"Error analyzing case {case_id}: {e}")
-        raise HTTPException(status_code=500, detail=str(e))
-@router.get("/alerts/{case_id}")
-async def get_case_alerts(
-    case_id: str,
-    db: Session = Depends(get_db),
-    current_user: dict = Depends(auth_service.get_current_user),
-):
-    """Get all fraud alerts for a case"""
-    try:
-        service = FraudDetectionService(db)
-        alerts = service.get_case_alerts(case_id)
-        return {"alerts": alerts}
-    except Exception as e:
-        logger.error(f"Error getting alerts for case {case_id}: {e}")
-        raise HTTPException(status_code=500, detail=str(e))
-@router.put("/alerts/{alert_id}/status")
-async def update_alert_status(
-    alert_id: str,
-    status: str = Body( embed=True),
-    db: Session = Depends(get_db),
-    current_user: dict = Depends(auth_service.get_current_user),
-):
-    """Update the status of a fraud alert"""
-    try:
-        if status not in ["open", "investigating", "resolved", "false_positive"]:
-            raise HTTPException(status_code=400, detail="Invalid status")
-        service = FraudDetectionService(db)
-        success = service.update_alert_status(alert_id, status, current_user.get("id"))
-        if not success:
-            raise HTTPException(status_code=404, detail="Alert not found")
-        return {"message": "Alert status updated successfully"}
-    except HTTPException:
-        raise
-    except Exception as e:
-        logger.error(f"Error updating alert {alert_id}: {e}")
-        raise HTTPException(status_code=500, detail=str(e))
-@router.get("/stats")
-async def get_fraud_stats(
-    db: Session = Depends(get_db),
-    current_user: dict = Depends(auth_service.get_current_user),
-):
-    """Get real-time fraud detection statistics"""
-    try:
-        service = FraudDetectionService(db)
-        return service.get_fraud_stats()
-    except Exception as e:
-        logger.error(f"Error getting fraud stats: {e}")
-        raise HTTPException(status_code=500, detail=str(e))
-@router.post("/accounts/freeze")
-async def freeze_account(
-    payload: dict[str, Any] = Body(),
-    db: Session = Depends(get_db),
-    current_user: dict = Depends(auth_service.get_current_user),
-):
-    """Freeze a bank account due to suspicious activity"""
-    try:
-        from core.database import FrozenEntity
-        account_id = payload.get("account_id")
-        if not account_id:
-            raise HTTPException(status_code=400, detail="account_id is required")
-        # Check if already frozen
-        existing = db.query(FrozenEntity).filter(FrozenEntity.entity_id == account_id).first()
-        if existing and existing.status == "frozen":
-            return {
-                "status": "already_frozen",
-                "account_id": account_id,
-                "timestamp": existing.frozen_at.isoformat(),
-            }
-        # Create new freeze record
-        freeze_record = FrozenEntity(
-            entity_id=account_id,
-            entity_type="account",
-            frozen_by=current_user.get("id"),
-            reason=payload.get("reason", "Suspicious activity detected"),
-            metadata_json=payload.get("metadata", {}),
-        )
-        db.add(freeze_record)
-        db.commit()
-        logger.info(f"ACCOUNT FROZEN PERMANENTLY: {account_id} by user {current_user.get('id')}")
-        return {
-            "status": "success",
-            "account_id": account_id,
-            "action": "frozen",
-            "timestamp": datetime.now(UTC).isoformat(),
-        }
-    except Exception as e:
-        logger.error(f"Failed to freeze account {payload.get('account_id')}: {e}")
-        db.rollback()
-        raise HTTPException(status_code=500, detail=str(e))


1	+ # SHIM: Redirects to new module location