tornado 静态文件隐藏系统路径的方法

最近用tornado做了一个简单的云文件服务器，不想暴露文件的地址和信息，对文件路径加密后，在静态路径处理时再解密，所以改写了StaticFileHandler的一个方法，使得外部访问，外面根本看不出来的文件是什么，同时也也猜不到其它的文件名称。

查了一下官方文档，大意如下：

This class is designed to be extensible by subclassing, but because of the way static urls are generated with class methods rather than instance methods, the inheritance patterns are somewhat unusual. Be sure to use the @classmethod decorator when overriding a class method. Instance methods may use the attributes self.path self.absolute_path, and self.modified.

Subclasses should only override methods discussed in this section; overriding other methods is error-prone. Overriding StaticFileHandler.get is particularly problematic due to the tight coupling with compute_etag and other methods.

To change the way static urls are generated (e.g. to match the behavior of another server or CDN), override make_static_url, parse_url_path, get_cache_time, and/or get_version.

To replace all interaction with the filesystem (e.g. to serve static content from a database), override get_content, get_content_size, get_modified_time, get_absolute_path, andvalidate_absolute_path.

比较简单，我就不翻译了，有兴趣可以看看。按照要求，改写了StaticFileHandler

class ParserFilename(tornado.web.StaticFileHandler):
    def initialize(self, path):
        #print 'the path is',path
        #self.dirname, self.filename = os.path.split(path)
        super(ParserFilename, self).initialize(path)
    
    def parse_url_path(self, url_path):
        url_path = base64.b64decode(url_path)
        if os.path.sep != "/":
            url_path = url_path.replace("/", os.path.sep)

        return url_path

下面就是加密后的URL 外部根本看不出来是什么文件，但是可以打开

http://120.24.101.2:9001/files/MjAxNjA5L2ltYWdlLzgzNDNlMWFhODYxNjExZTY4MjIxMDAxNjNlMDA2ZDhiLmpwZw==