The Nginx WAF AI system provides a comprehensive RESTful API for real-time machine learning-based Web Application Firewall (WAF) rule generation and deployment. This document catalogs all available services and endpoints.
- Development: http://localhost:8000
- Production: https://your-domain.com (HTTPS required in production)
The API uses JWT (JSON Web Tokens) for authentication with role-based access control (RBAC).
- Admin: Full system access, user management, emergency controls
- Operator: System operations, processing control, rule deployment
- Viewer: Read-only access to system status and data
- JWT Token: Bearer token in Authorization header
- API Key: API key in X-API-Key header (for service-to-service)
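As an added example (not the project's own code), the check a resource server performs on the bearer token described above: verify the JWT's signature and expiry, then compare the roles it carries with the role the endpoint requires. The claim names (sub, roles, exp), the HS256 algorithm, the demo secret and the ordering admin > operator > viewer are assumptions; the page states only the three roles and which role each endpoint requires.

```python
import base64, hashlib, hmac, json, time

SECRET = b"demo-secret-do-not-use"  # constructed; a real service loads it from config
RANK = {"viewer": 1, "operator": 2, "admin": 3}  # ordering assumed, not stated on the page
# Minimum role per endpoint, copied from the catalogue.
REQUIRED = {
    "POST /auth/api-key": "admin",
    "GET /metrics": "viewer",
    "GET /api/debug/status": "operator",
    "POST /api/rules/deploy": "admin",
}

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mint_token(username: str, roles: list, ttl: int = 86400, now=None) -> str:
    """Issue an HS256 JWT; the claim names (sub, roles, exp) are an assumption."""
    now = int(time.time()) if now is None else now
    header = _b64url(b'{"alg":"HS256","typ":"JWT"}')
    payload = _b64url(json.dumps({"sub": username, "roles": roles, "exp": now + ttl}).encode())
    sig = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"

def verify_token(token: str, now=None) -> dict:
    """Return the claims, or raise ValueError if alg, signature or expiry is bad."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header, payload, sig = parts
    if json.loads(_unb64url(header)).get("alg") != "HS256":
        raise ValueError("unexpected alg")  # pin the algorithm so alg=none is rejected
    expected = hmac.new(SECRET, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64url(sig)):
        raise ValueError("bad signature")  # constant-time comparison
    claims = json.loads(_unb64url(payload))
    now = int(time.time()) if now is None else now
    if claims.get("exp", 0) <= now:
        raise ValueError("token expired")
    return claims

def authorize(token: str, endpoint: str, now=None) -> bool:
    """True only if the token verifies and carries a role sufficient for endpoint."""
    try:
        claims = verify_token(token, now)
    except ValueError:
        return False
    need = RANK[REQUIRED[endpoint]]
    return any(RANK.get(r, 0) >= need for r in claims.get("roles", []))
```

The expiry of 86400 seconds matches the expires_in value returned by POST /auth/login below.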
- Endpoint: POST /auth/login
- Authentication: None (public)
- Rate Limit: 5 requests/minute
- Status: ✅ IMPLEMENTED
Request Body:
```json
{
  "username": "string",
  "password": "string"
}
```
Response:
```json
{
  "access_token": "string",
  "token_type": "bearer",
  "expires_in": 86400
}
```
Testing Required:
- Valid credentials
- Invalid credentials
- Rate limiting enforcement
- Password strength validation
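One way to enforce the per-minute limits this catalogue lists, as an added example rather than the project's own middleware: a sliding-window counter per client and endpoint that also yields a Retry-After value for the 429 response. The limits table is copied from the page; keying on the client address, the 60-second window and the algorithm itself are assumptions.

```python
import time
from collections import defaultdict, deque

# Per-endpoint limits (requests per minute) copied from the catalogue.
LIMITS = {
    "POST /auth/login": 5,
    "POST /auth/api-key": 3,
    "POST /api/security/emergency-shutdown": 1,
    "GET /health": 60,
}

class SlidingWindowLimiter:
    """Sliding-window limiter keyed by (client, endpoint).

    The algorithm and the per-client key are assumptions of this example; the
    page states the limits but not how the service enforces them.
    """

    def __init__(self, limits=LIMITS, window=60.0):
        self.limits = limits
        self.window = window
        self.hits = defaultdict(deque)  # (client, endpoint) -> request timestamps

    def allow(self, client: str, endpoint: str, now=None) -> bool:
        """Record the request and return True, or return False (HTTP 429)."""
        now = time.monotonic() if now is None else now
        limit = self.limits.get(endpoint)
        if limit is None:
            return True  # endpoint has no entry in the limits table
        q = self.hits[(client, endpoint)]
        while q and now - q[0] >= self.window:
            q.popleft()  # forget requests that have left the window
        if len(q) >= limit:
            return False
        q.append(now)
        return True

    def retry_after(self, client: str, endpoint: str, now=None) -> float:
        """Seconds until the oldest in-window request ages out (Retry-After header)."""
        now = time.monotonic() if now is None else now
        q = self.hits.get((client, endpoint))
        if not q or len(q) < self.limits.get(endpoint, float("inf")):
            return 0.0
        return max(0.0, self.window - (now - q[0]))
```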
- Endpoint: POST /auth/api-key
- Authentication: Admin role required
- Rate Limit: 3 requests/minute
- Status: ✅ IMPLEMENTED
Request Body:
```json
{
  "username": "string"
}
```
Response:
```json
{
  "api_key": "string",
  "username": "string",
  "created_at": "2025-01-20T15:30:00"
}
```
Testing Required:
- Admin authentication
- Non-admin access denial
- API key generation and validation
- Endpoint: POST /auth/users
- Authentication: Admin role required
- Rate Limit: 5 requests/minute
- Status: ✅ IMPLEMENTED
Request Body:
```json
{
  "username": "string",
  "password": "string",
  "roles": ["admin", "operator", "viewer"]
}
```
Testing Required:
- User creation with valid roles
- Password complexity validation
- Duplicate username handling
- Endpoint: GET /auth/users
- Authentication: Admin role required
- Rate Limit: 10 requests/minute
- Status: ✅ IMPLEMENTED
Testing Required:
- User listing with statistics
- Admin-only access
- Endpoint: GET /api/security/stats
- Authentication: Admin role required
- Rate Limit: 10 requests/minute
- Status: ✅ IMPLEMENTED
Response:
```json
{
  "timestamp": "2025-01-20T15:30:00",
  "auth_stats": {},
  "system_security": {
    "https_enabled": false,
    "rate_limiting": true,
    "security_headers": true,
    "debug_mode": false
  }
}
```
Testing Required:
- Security statistics accuracy
- Admin authentication
- Endpoint: POST /api/security/unblock-ip
- Authentication: Admin role required
- Rate Limit: 5 requests/minute
- Status: ⚠️ PARTIAL - Basic implementation, needs middleware integration
Request Body:
```json
{
  "ip_address": "192.168.1.100"
}
```
Testing Required:
- IP address validation
- Actual unblocking functionality
- Security middleware integration
- Endpoint: POST /api/security/emergency-shutdown
- Authentication: Admin role required
- Rate Limit: 1 request/minute
- Status: ⚠️ PARTIAL - Basic implementation
Testing Required:
- Emergency shutdown execution
- System state preservation
- Recovery procedures
- Endpoint: GET /
- Authentication: None
- Rate Limit: 30 requests/minute
- Status: ✅ IMPLEMENTED
- Endpoint: GET /health
- Authentication: None
- Rate Limit: 60 requests/minute
- Status: ✅ IMPLEMENTED
Testing Required:
- Component status accuracy
- Response time
- Endpoint: GET /metrics
- Authentication: Viewer role required
- Rate Limit: 30 requests/minute
- Status: ✅ IMPLEMENTED
Testing Required:
- Prometheus format compliance
- Metric accuracy
- Authentication requirement
- Endpoint: GET /api/debug/status
- Authentication: Operator role required
- Rate Limit: 10 requests/minute
- Status: ✅ IMPLEMENTED
Testing Required:
- Component status accuracy
- Debug information completeness
- Endpoint: POST /api/debug/test-prediction
- Authentication: Operator role required
- Rate Limit: 5 requests/minute
- Status: ✅ IMPLEMENTED
Testing Required:
- ML model response accuracy
- Test data validation
- Threat detection thresholds
- Endpoint: GET /api/status
- Authentication: Viewer role required
- Rate Limit: 10 requests/minute
- Status: ✅ IMPLEMENTED
Testing Required:
- Real-time status accuracy
- Component availability
- Endpoint: GET /api/health
- Authentication: Viewer role required
- Rate Limit: 20 requests/minute
- Status: ✅ IMPLEMENTED
Response:
```json
{
  "system_status": "healthy|degraded|critical|failing",
  "health_score": 95.5,
  "processing_state": {},
  "components": {},
  "degradation": {},
  "circuit_breakers": {},
  "error_recovery": {}
}
```
Testing Required:
- Health score calculation
- Degradation status accuracy
- Circuit breaker status
- Endpoint: GET /api/stats
- Authentication: Viewer role required
- Rate Limit: 20 requests/minute
- Status: ❌ NOT IMPLEMENTED - Function body missing
Issues:
- Empty function body
- No response structure defined
- Endpoint: POST /api/nodes/add
- Authentication: Admin role required
- Rate Limit: 5 requests/minute
- Status: ✅ IMPLEMENTED
Request Body:
```json
{
  "node_id": "string",
  "hostname": "string",
  "ssh_host": "string",
  "ssh_port": 22,
  "ssh_username": "string",
  "ssh_key_path": "string",
  "nginx_config_path": "string",
  "nginx_reload_command": "string",
  "api_endpoint": "string"
}
```
Testing Required:
- Node validation
- SSH connectivity
- Nginx configuration access
- Endpoint: GET /api/nodes
- Authentication: Viewer role required
- Rate Limit: 20 requests/minute
- Status: ✅ IMPLEMENTED
Testing Required:
- Node listing accuracy
- Node status information
- Endpoint: GET /api/nodes/status
- Authentication: Viewer role required
- Rate Limit: 20 requests/minute
- Status: ✅ IMPLEMENTED
Testing Required:
- Cluster health monitoring
- Individual node status
- Network connectivity checks
- Endpoint: POST /api/training/start
- Authentication: Operator role required
- Rate Limit: 3 requests/minute
- Status: ✅ IMPLEMENTED
Request Body:
```json
{
  "training_data": [
    {
      "url_length": 30,
      "body_length": 0,
      "headers_count": 5,
      "content_length": 0,
      "has_suspicious_headers": false,
      "contains_sql_patterns": true,
      "contains_xss_patterns": false,
      "method": "GET",
      "timestamp": "2025-01-20T15:30:00",
      "source_ip": "192.168.1.100",
      "user_agent": "Mozilla/5.0..."
    }
  ],
  "labels": ["sql_injection", "normal", "xss_attack"]
}
```
Testing Required:
- Training data validation
- Model training completion
- Model persistence
- Endpoint: POST /api/traffic/start-collection
- Authentication: Operator role required
- Rate Limit: 5 requests/minute
- Status: ✅ IMPLEMENTED
Request Body:
```json
{
  "node_urls": ["http://nginx-node-1", "http://nginx-node-2"]
}
```
Testing Required:
- Node URL validation
- Traffic collection start
- Background task management
- Endpoint: GET /api/traffic/stats
- Authentication: Viewer role required
- Rate Limit: 30 requests/minute
- Status: ✅ IMPLEMENTED
Testing Required:
- Traffic statistics accuracy
- Collection status monitoring
- Endpoint: POST /api/processing/start
- Authentication: Operator role required
- Rate Limit: 3 requests/minute
- Status: ✅ IMPLEMENTED
Testing Required:
- Processing prerequisite validation
- Background task creation
- Thread safety
- Endpoint: POST /api/processing/stop
- Authentication: Operator role required
- Rate Limit: 5 requests/minute
- Status: ❌ NOT IMPLEMENTED - Function body missing
Issues:
- Empty function body
- No graceful shutdown logic
- Endpoint: GET /api/threats
- Authentication: Viewer role required
- Rate Limit: 20 requests/minute
- Status: ✅ IMPLEMENTED
Response:
```json
{
  "threats": [],
  "total_threats": 0,
  "threat_patterns": {}
}
```
Testing Required:
- Threat data accuracy
- Real-time threat updates
- Pattern analysis
- Endpoint: GET /api/rules
- Authentication: Viewer role required
- Rate Limit: 20 requests/minute
- Status: ✅ IMPLEMENTED
Testing Required:
- Active rules listing
- Rule metadata accuracy
- Endpoint: POST /api/rules/deploy
- Authentication: Admin role required
- Rate Limit: 3 requests/minute
- Status: ⚠️ PARTIAL - Some deployment logic incomplete
Request Body:
```json
{
  "node_ids": ["node_1", "node_2"],
  "force_deployment": false
}
```
Issues:
- Incomplete deployment result handling
- Error recovery mechanisms
Testing Required:
- Rule deployment to nodes
- Nginx configuration validation
- Rollback mechanisms
- Endpoint: GET /api/config/nginx
- Authentication: Operator role required
- Rate Limit: 10 requests/minute
- Status: ⚠️ PARTIAL - Missing error handling
Issues:
- Incomplete error handling in function
Testing Required:
- Configuration generation
- Rule integration
- Nginx syntax validation
- Authentication endpoints - Core security
- Real-time processing start/stop - Core functionality
- Rule deployment - Main business logic
- System health monitoring - Operations
- Traffic collection - Data pipeline
- ML training - Model management
- Node management - Infrastructure
- Threat detection - Security monitoring
- Debug endpoints - Development tools
- Statistics endpoints - Monitoring
- Security management - Administrative
| Service | Endpoints | Implemented | Partial | Missing | Total |
|---|---|---|---|---|---|
| Authentication | 4 | 4 | 0 | 0 | 4 |
| Security | 3 | 1 | 2 | 0 | 3 |
| Public | 3 | 3 | 0 | 0 | 3 |
| System/Debug | 5 | 4 | 0 | 1 | 5 |
| Nodes | 3 | 3 | 0 | 0 | 3 |
| ML Training | 1 | 1 | 0 | 0 | 1 |
| Traffic | 2 | 2 | 0 | 0 | 2 |
| Processing | 2 | 1 | 0 | 1 | 2 |
| Threats | 1 | 1 | 0 | 0 | 1 |
| Rules | 2 | 1 | 1 | 0 | 2 |
| Config | 1 | 0 | 1 | 0 | 1 |
| TOTAL | 27 | 21 | 4 | 2 | 27 |
Implementation Rate: 77.8% Complete, 14.8% Partial, 7.4% Missing
- Complete missing implementations:
  - /api/stats endpoint
  - /api/processing/stop endpoint
- Fix partial implementations:
  - Security middleware integration
  - Rule deployment error handling
  - Nginx configuration error handling
- Comprehensive testing:
  - Authentication and authorization
  - Error handling and edge cases
  - Performance and load testing
  - Security vulnerability assessment
- Documentation updates:
  - OpenAPI/Swagger specification
  - Postman collection
  - Integration examples