当前位置: 首页 > 文档资料 > Tornado 用户手册 >

tornado.web — RequestHandler and Application classes

优质
小牛编辑
134浏览
2023-12-01

tornado.web provides a simple web framework with asynchronous features that allow it to scale to large numbers of open connections, making it ideal for long polling.

Here is a simple “Hello, world” example app:

import tornado.ioloop
import tornado.web

class MainHandler(tornado.web.RequestHandler):
    def get(self):
        self.write("Hello, world")

if __name__ == "__main__":
    application = tornado.web.Application([
        (r"/", MainHandler),
    ])
    application.listen(8888)
    tornado.ioloop.IOLoop.current().start()

See the for additional information.

Thread-safety notes

In general, methods on and elsewhere in Tornado are not thread-safe. In particular, methods such as , , and must only be called from the main thread. If you use multiple threads it is important to use to transfer control back to the main thread before finishing the request.

Request handlers

class tornado.web.RequestHandler(application, request, **kwargs)

Base class for HTTP request handlers.

Subclasses must define at least one of the methods defined in the “Entry points” section below.

Entry points

RequestHandler.initialize()

Hook for subclass initialization. Called for each request.

A dictionary passed as the third argument of a url spec will be supplied as keyword arguments to initialize().

Example:

class ProfileHandler(RequestHandler):
    def initialize(self, database):
        self.database = database

    def get(self, username):
        ...

app = Application([
    (r'/user/(.*)', ProfileHandler, dict(database=database)),
    ])
RequestHandler.prepare()

Called at the beginning of a request before //etc.

Override this method to perform common initialization regardless of the request method.

Asynchronous support: Decorate this method with or to make it asynchronous (the decorator cannot be used on ). If this method returns a execution will not proceed until the is done.

3.1 新版功能: Asynchronous support.

RequestHandler.on_finish()

Called after the end of a request.

Override this method to perform cleanup, logging, etc. This method is a counterpart to . on_finish may not produce any output, as it is called after the response has been sent to the client.

Implement any of the following methods (collectively known as the HTTP verb methods) to handle the corresponding HTTP method. These methods can be made asynchronous with one of the following decorators: , , or .

To support a method not on this list, override the class variable SUPPORTED_METHODS:

class WebDAVHandler(RequestHandler):
    SUPPORTED_METHODS = RequestHandler.SUPPORTED_METHODS + ('PROPFIND',)

    def propfind(self):
        pass
RequestHandler.get(*args, **kwargs)
RequestHandler.head(*args, **kwargs)
RequestHandler.post(*args, **kwargs)
RequestHandler.delete(*args, **kwargs)
RequestHandler.patch(*args, **kwargs)
RequestHandler.put(*args, **kwargs)
RequestHandler.options(*args, **kwargs)

Input

RequestHandler.get_argument(name, default=<object object>, strip=True)

Returns the value of the argument with the given name.

If default is not provided, the argument is considered to be required, and we raise a if it is missing.

If the argument appears in the url more than once, we return the last value.

The returned value is always unicode.

RequestHandler.get_arguments(name, strip=True)

Returns a list of the arguments with the given name.

If the argument is not present, returns an empty list.

The returned values are always unicode.

RequestHandler.get_query_argument(name, default=<object object>, strip=True)

Returns the value of the argument with the given name from the request query string.

If default is not provided, the argument is considered to be required, and we raise a if it is missing.

If the argument appears in the url more than once, we return the last value.

The returned value is always unicode.

3.2 新版功能.

RequestHandler.get_query_arguments(name, strip=True)

Returns a list of the query arguments with the given name.

If the argument is not present, returns an empty list.

The returned values are always unicode.

3.2 新版功能.

RequestHandler.get_body_argument(name, default=<object object>, strip=True)

Returns the value of the argument with the given name from the request body.

If default is not provided, the argument is considered to be required, and we raise a if it is missing.

If the argument appears in the url more than once, we return the last value.

The returned value is always unicode.

3.2 新版功能.

RequestHandler.get_body_arguments(name, strip=True)

Returns a list of the body arguments with the given name.

If the argument is not present, returns an empty list.

The returned values are always unicode.

3.2 新版功能.

RequestHandler.decode_argument(value, name=None)

Decodes an argument from the request.

The argument has been percent-decoded and is now a byte string. By default, this method decodes the argument as utf-8 and returns a unicode string, but this may be overridden in subclasses.

This method is used as a filter for both and for values extracted from the url and passed to //etc.

The name of the argument is provided if known, but may be None (e.g. for unnamed groups in the url regex).

RequestHandler.request

The object containing additional request parameters including e.g. headers and body data.

RequestHandler.path_args
RequestHandler.path_kwargs

The path_args and path_kwargs attributes contain the positional and keyword arguments that are passed to the HTTP verb methods. These attributes are set before those methods are called, so the values are available during .

Output

RequestHandler.set_status(status_code, reason=None)

Sets the status code for our response.

参数:
  • status_code () – Response status code. If reason is None, it must be present in .
  • reason () – Human-readable reason phrase describing the status code. If None, it will be filled in from .
RequestHandler.set_header(name, value)

Sets the given response header name and value.

If a datetime is given, we automatically format it according to the HTTP specification. If the value is not a string, we convert it to a string. All header values are then encoded as UTF-8.

RequestHandler.add_header(name, value)

Adds the given response header and value.

Unlike , may be called multiple times to return multiple values for the same header.

RequestHandler.clear_header(name)

Clears an outgoing header, undoing a previous call.

Note that this method does not apply to multi-valued headers set by .

RequestHandler.set_default_headers()

Override this to set HTTP headers at the beginning of the request.

For example, this is the place to set a custom Server header. Note that setting such headers in the normal flow of request processing may not do what you want, since headers may be reset during error handling.

RequestHandler.write(chunk)

Writes the given chunk to the output buffer.

To write the output to the network, use the flush() method below.

If the given chunk is a dictionary, we write it as JSON and set the Content-Type of the response to be application/json. (if you want to send JSON as a different Content-Type, call set_header after calling write()).

Note that lists are not converted to JSON because of a potential cross-site security vulnerability. All JSON output should be wrapped in a dictionary. More details at http://haacked.com/archive/2009/06/25/json-hijacking.aspx/ and https://github.com/facebook/tornado/issues/1009

RequestHandler.flush(include_footers=False, callback=None)

Flushes the current output buffer to the network.

The callback argument, if given, can be used for flow control: it will be run when all flushed data has been written to the socket. Note that only one flush callback can be outstanding at a time; if another flush occurs before the previous flush’s callback has been run, the previous callback will be discarded.

在 4.0 版更改: Now returns a if no callback is given.

RequestHandler.finish(chunk=None)

Finishes this response, ending the HTTP request.

RequestHandler.render(template_name, **kwargs)

Renders the template with the given arguments as the response.

RequestHandler.render_string(template_name, **kwargs)

Generate the given template with the given arguments.

We return the generated byte string (in utf8). To generate and write a template as a response, use render() above.

RequestHandler.get_template_namespace()

Returns a dictionary to be used as the default template namespace.

May be overridden by subclasses to add or modify values.

The results of this method will be combined with additional defaults in the module and keyword arguments to or .

RequestHandler.redirect(url, permanent=False, status=None)

Sends a redirect to the given (optionally relative) URL.

If the status argument is specified, that value is used as the HTTP status code; otherwise either 301 (permanent) or 302 (temporary) is chosen based on the permanent argument. The default is 302 (temporary).

RequestHandler.send_error(status_code=500, **kwargs)

Sends the given HTTP error code to the browser.

If has already been called, it is not possible to send an error, so this method will simply terminate the response. If output has been written but not yet flushed, it will be discarded and replaced with the error page.

Override to customize the error page that is returned. Additional keyword arguments are passed through to .

RequestHandler.write_error(status_code, **kwargs)

Override to implement custom error pages.

write_error may call , , , etc to produce output as usual.

If this error was caused by an uncaught exception (including HTTPError), an exc_info triple will be available as kwargs["exc_info"]. Note that this exception may not be the “current” exception for purposes of methods like sys.exc_info() or traceback.format_exc.

RequestHandler.clear()

Resets all headers and content for this response.

RequestHandler.data_received(chunk)

Implement this method to handle streamed request data.

Requires the decorator.

Cookies

RequestHandler.cookies

An alias for .

RequestHandler.get_cookie(name, default=None)

Gets the value of the cookie with the given name, else default.

RequestHandler.set_cookie(name, value, domain=None, expires=None, path='/', expires_days=None, **kwargs)

Sets the given cookie name/value with the given options.

Additional keyword arguments are set on the Cookie.Morsel directly. See http://docs.python.org/library/cookie.html for available attributes.

RequestHandler.clear_cookie(name, path='/', domain=None)

Deletes the cookie with the given name.

Due to limitations of the cookie protocol, you must pass the same path and domain to clear a cookie as were used when that cookie was set (but there is no way to find out on the server side which values were used for a given cookie).

RequestHandler.clear_all_cookies(path='/', domain=None)

Deletes all the cookies the user sent with this request.

See for more information on the path and domain parameters.

在 3.2 版更改: Added the path and domain parameters.

RequestHandler.get_secure_cookie(name, value=None, max_age_days=31, min_version=None)

Returns the given signed cookie if it validates, or None.

The decoded cookie value is returned as a byte string (unlike ).

在 3.2.1 版更改: Added the min_version argument. Introduced cookie version 2; both versions 1 and 2 are accepted by default.

RequestHandler.get_secure_cookie_key_version(name, value=None)

Returns the signing key version of the secure cookie.

The version is returned as int.

RequestHandler.set_secure_cookie(name, value, expires_days=30, version=None, **kwargs)

Signs and timestamps a cookie so it cannot be forged.

You must specify the cookie_secret setting in your Application to use this method. It should be a long, random sequence of bytes to be used as the HMAC secret for the signature.

To read a cookie set with this method, use .

Note that the expires_days parameter sets the lifetime of the cookie in the browser, but is independent of the max_age_days parameter to .

Secure cookies may contain arbitrary byte values, not just unicode strings (unlike regular cookies)

在 3.2.1 版更改: Added the version argument. Introduced cookie version 2 and made it the default.

RequestHandler.create_signed_value(name, value, version=None)

Signs and timestamps a string so it cannot be forged.

Normally used via set_secure_cookie, but provided as a separate method for non-cookie uses. To decode a value not stored as a cookie use the optional value argument to get_secure_cookie.

在 3.2.1 版更改: Added the version argument. Introduced cookie version 2 and made it the default.

tornado.web.MIN_SUPPORTED_SIGNED_VALUE_VERSION = 1

The oldest signed value version supported by this version of Tornado.

Signed values older than this version cannot be decoded.

3.2.1 新版功能.

tornado.web.MAX_SUPPORTED_SIGNED_VALUE_VERSION = 2

The newest signed value version supported by this version of Tornado.

Signed values newer than this version cannot be decoded.

3.2.1 新版功能.

tornado.web.DEFAULT_SIGNED_VALUE_VERSION = 2

The signed value version produced by .

May be overridden by passing a version keyword argument.

3.2.1 新版功能.

tornado.web.DEFAULT_SIGNED_VALUE_MIN_VERSION = 1

The oldest signed value accepted by .

May be overridden by passing a min_version keyword argument.

3.2.1 新版功能.

Other

RequestHandler.application

The object serving this request

RequestHandler.check_etag_header()

Checks the Etag header against requests’s If-None-Match.

Returns True if the request’s Etag matches and a 304 should be returned. For example:

self.set_etag_header()
if self.check_etag_header():
    self.set_status(304)
    return

This method is called automatically when the request is finished, but may be called earlier for applications that override and want to do an early check for If-None-Match before completing the request. The Etag header should be set (perhaps with ) before calling this method.

RequestHandler.check_xsrf_cookie()

Verifies that the _xsrf cookie matches the _xsrf argument.

To prevent cross-site request forgery, we set an _xsrf cookie and include the same value as a non-cookie field with all POST requests. If the two do not match, we reject the form submission as a potential forgery.

The _xsrf value may be set as either a form field named _xsrf or in a custom HTTP header named X-XSRFToken or X-CSRFToken (the latter is accepted for compatibility with Django).

See http://en.wikipedia.org/wiki/Cross-site_request_forgery

Prior to release 1.1.1, this check was ignored if the HTTP header X-Requested-With: XMLHTTPRequest was present. This exception has been shown to be insecure and has been removed. For more information please see http://www.djangoproject.com/weblog/2011/feb/08/security/ http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails

在 3.2.2 版更改: Added support for cookie version 2. Both versions 1 and 2 are supported.

RequestHandler.compute_etag()

Computes the etag header to be used for this request.

By default uses a hash of the content written so far.

May be overridden to provide custom etag implementations, or may return None to disable tornado’s default etag support.

RequestHandler.create_template_loader(template_path)

Returns a new template loader for the given path.

May be overridden by subclasses. By default returns a directory-based loader on the given path, using the autoescape and template_whitespace application settings. If a template_loader application setting is supplied, uses that instead.

RequestHandler.current_user

The authenticated user for this request.

This is set in one of two ways:

  • A subclass may override , which will be called automatically the first time self.current_user is accessed. will only be called once per request, and is cached for future access:

    def get_current_user(self):
        user_cookie = self.get_secure_cookie("user")
        if user_cookie:
            return json.loads(user_cookie)
        return None
  • It may be set as a normal variable, typically from an overridden :

    @gen.coroutine
    def prepare(self):
        user_id_cookie = self.get_secure_cookie("user_id")
        if user_id_cookie:
            self.current_user = yield load_user(user_id_cookie)

Note that may be a coroutine while may not, so the latter form is necessary if loading the user requires asynchronous operations.

The user object may any type of the application’s choosing.

RequestHandler.get_browser_locale(default='en_US')

Determines the user’s locale from Accept-Language header.

See http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html

RequestHandler.get_current_user()

Override to determine the current user from, e.g., a cookie.

This method may not be a coroutine.

RequestHandler.get_login_url()

Override to customize the login URL based on the request.

By default, we use the login_url application setting.

RequestHandler.get_status()

Returns the status code for our response.

RequestHandler.get_template_path()

Override to customize template path for each handler.

By default, we use the template_path application setting. Return None to load templates relative to the calling file.

RequestHandler.get_user_locale()

Override to determine the locale from the authenticated user.

If None is returned, we fall back to .

This method should return a object, most likely obtained via a call like tornado.locale.get("en")

RequestHandler.locale

The locale for the current session.

Determined by either , which you can override to set the locale based on, e.g., a user preference stored in a database, or , which uses the Accept-Language header.

RequestHandler.log_exception(typ, value, tb)

Override to customize logging of uncaught exceptions.

By default logs instances of as warnings without stack traces (on the tornado.general logger), and all other exceptions as errors with stack traces (on the tornado.application logger).

3.1 新版功能.

RequestHandler.on_connection_close()

Called in async handlers if the client closed the connection.

Override this to clean up resources associated with long-lived connections. Note that this method is called only if the connection was closed during asynchronous processing; if you need to do cleanup after every request override instead.

Proxies may keep a connection open for a time (perhaps indefinitely) after the client has gone away, so this method may not be called promptly after the end user closes their connection.

RequestHandler.require_setting(name, feature='this feature')

Raises an exception if the given app setting is not defined.

RequestHandler.reverse_url(name, *args)

Alias for .

RequestHandler.set_etag_header()

Sets the response’s Etag header using self.compute_etag().

Note: no header will be set if compute_etag() returns None.

This method is called automatically when the request is finished.

RequestHandler.settings

An alias for .

RequestHandler.static_url(path, include_host=None, **kwargs)

Returns a static URL for the given relative static file path.

This method requires you set the static_path setting in your application (which specifies the root directory of your static files).

This method returns a versioned url (by default appending ?v=<signature>), which allows the static files to be cached indefinitely. This can be disabled by passing include_version=False (in the default implementation; other static file implementations are not required to support this, but they may support other options).

By default this method returns URLs relative to the current host, but if include_host is true the URL returned will be absolute. If this handler has an include_host attribute, that value will be used as the default for all calls that do not pass include_host as a keyword argument.

RequestHandler.xsrf_form_html()

An HTML <input/> element to be included with all POST forms.

It defines the _xsrf input value, which we check on all POST requests to prevent cross-site request forgery. If you have set the xsrf_cookies application setting, you must include this HTML within all of your HTML forms.

In a template, this method should be called with {% module xsrf_form_html() %}

See above for more information.

RequestHandler.xsrf_token

The XSRF-prevention token for the current user/session.

To prevent cross-site request forgery, we set an ‘_xsrf’ cookie and include the same ‘_xsrf’ value as an argument with all POST requests. If the two do not match, we reject the form submission as a potential forgery.

See http://en.wikipedia.org/wiki/Cross-site_request_forgery

在 3.2.2 版更改: The xsrf token will now be have a random mask applied in every request, which makes it safe to include the token in pages that are compressed. See http://breachattack.com for more information on the issue fixed by this change. Old (version 1) cookies will be converted to version 2 when this method is called unless the xsrf_cookie_version setting is set to 1.

在 4.3 版更改: The xsrf_cookie_kwargs setting may be used to supply additional cookie options (which will be passed directly to ). For example, xsrf_cookie_kwargs=dict(httponly=True, secure=True) will set the secure and httponly flags on the _xsrf cookie.

Application configuration

class tornado.web.Application(handlers=None, default_host='', transforms=None, **settings)

A collection of request handlers that make up a web application.

Instances of this class are callable and can be passed directly to HTTPServer to serve the application:

application = web.Application([
    (r"/", MainPageHandler),
])
http_server = httpserver.HTTPServer(application)
http_server.listen(8080)
ioloop.IOLoop.current().start()

The constructor for this class takes in a list of objects or (regexp, request_class) tuples. When we receive requests, we iterate over the list in order and instantiate an instance of the first request class whose regexp matches the request path. The request class can be specified as either a class object or a (fully-qualified) name.

Each tuple can contain additional elements, which correspond to the arguments to the constructor. (Prior to Tornado 3.2, only tuples of two or three elements were allowed).

A dictionary may be passed as the third element of the tuple, which will be used as keyword arguments to the handler’s constructor and method. This pattern is used for the in this example (note that a can be installed automatically with the static_path setting described below):

application = web.Application([
    (r"/static/(.*)", web.StaticFileHandler, {"path": "/var/www"}),
])

We support virtual hosts with the method, which takes in a host regular expression as the first argument:

application.add_handlers(r"www\.myhost\.com", [
    (r"/article/([0-9]+)", ArticleHandler),
])

You can serve static files by sending the static_path setting as a keyword argument. We will serve those files from the /static/ URI (this is configurable with the static_url_prefix setting), and we will serve /favicon.ico and /robots.txt from the same directory. A custom subclass of can be specified with the static_handler_class setting.

settings

Additional keyword arguments passed to the constructor are saved in the dictionary, and are often referred to in documentation as “application settings”. Settings are used to customize various aspects of Tornado (although in some cases richer customization is possible by overriding methods in a subclass of ). Some applications also like to use the dictionary as a way to make application-specific settings available to handlers without using global variables. Settings used in Tornado are described below.

General settings:

  • autoreload: If True, the server process will restart when any source files change, as described in Debug 模式 和 自动重新加载. This option is new in Tornado 3.2; previously this functionality was controlled by the debug setting.
  • debug: Shorthand for several debug mode settings, described in Debug 模式 和 自动重新加载. Setting debug=True is equivalent to autoreload=True, compiled_template_cache=False, static_hash_cache=False, serve_traceback=True.
  • default_handler_class and default_handler_args: This handler will be used if no other match is found; use this to implement custom 404 pages (new in Tornado 3.2).
  • compress_response: If True, responses in textual formats will be compressed automatically. New in Tornado 4.0.
  • gzip: Deprecated alias for compress_response since Tornado 4.0.
  • log_function: This function will be called at the end of every request to log the result (with one argument, the object). The default implementation writes to the module’s root logger. May also be customized by overriding .
  • serve_traceback: If true, the default error page will include the traceback of the error. This option is new in Tornado 3.2; previously this functionality was controlled by the debug setting.
  • ui_modules and ui_methods: May be set to a mapping of or UI methods to be made available to templates. May be set to a module, dictionary, or a list of modules and/or dicts. See UI 模版 for more details.

Authentication and security settings:

  • cookie_secret: Used by and to sign cookies.
  • key_version: Used by requestHandler to sign cookies with a specific key when cookie_secret is a key dictionary.
  • login_url: The decorator will redirect to this url if the user is not logged in. Can be further customized by overriding
  • xsrf_cookies: If true, 跨站请求伪造防护 will be enabled.
  • xsrf_cookie_version: Controls the version of new XSRF cookies produced by this server. Should generally be left at the default (which will always be the highest supported version), but may be set to a lower value temporarily during version transitions. New in Tornado 3.2.2, which introduced XSRF cookie version 2.
  • xsrf_cookie_kwargs: May be set to a dictionary of additional arguments to be passed to for the XSRF cookie.
  • twitter_consumer_key, twitter_consumer_secret, friendfeed_consumer_key, friendfeed_consumer_secret, google_consumer_key, google_consumer_secret, facebook_api_key, facebook_secret: Used in the module to authenticate to various APIs.

Template settings:

  • autoescape: Controls automatic escaping for templates. May be set to None to disable escaping, or to the name of a function that all output should be passed through. Defaults to "xhtml_escape". Can be changed on a per-template basis with the {% autoescape %} directive.
  • compiled_template_cache: Default is True; if False templates will be recompiled on every request. This option is new in Tornado 3.2; previously this functionality was controlled by the debug setting.
  • template_path: Directory containing template files. Can be further customized by overriding
  • template_loader: Assign to an instance of to customize template loading. If this setting is used the template_path and autoescape settings are ignored. Can be further customized by overriding .
  • template_whitespace: Controls handling of whitespace in templates; see for allowed values. New in Tornado 4.3.

Static file settings:

  • static_hash_cache: Default is True; if False static urls will be recomputed on every request. This option is new in Tornado 3.2; previously this functionality was controlled by the debug setting.
  • static_path: Directory from which static files will be served.
  • static_url_prefix: Url prefix for static files, defaults to "/static/".
  • static_handler_class, static_handler_args: May be set to use a different handler for static files instead of the default . static_handler_args, if set, should be a dictionary of keyword arguments to be passed to the handler’s initialize method.
listen(port, address='', **kwargs)

Starts an HTTP server for this application on the given port.

This is a convenience alias for creating an object and calling its listen method. Keyword arguments not supported by are passed to the constructor. For advanced uses (e.g. multi-process mode), do not use this method; create an and call its / methods directly.

Note that after calling this method you still need to call IOLoop.current().start() to start the server.

Returns the object.

在 4.3 版更改: Now returns the object.

add_handlers(host_pattern, host_handlers)

Appends the given handlers to our handler list.

Host patterns are processed sequentially in the order they were added. All matching patterns will be considered.

reverse_url(name, *args)

Returns a URL path for handler named name

The handler must be added to the application as a named .

Args will be substituted for capturing groups in the regex. They will be converted to strings if necessary, encoded as utf8, and url-escaped.

log_request(handler)

Writes a completed HTTP request to the logs.

By default writes to the python root logger. To change this behavior either subclass Application and override this method, or pass a function in the application settings dictionary as log_function.

class tornado.web.URLSpec(pattern, handler, kwargs=None, name=None)

Specifies mappings between URLs and handlers.

Parameters:

  • pattern: Regular expression to be matched. Any capturing groups in the regex will be passed in to the handler’s get/post/etc methods as arguments (by keyword if named, by position if unnamed. Named and unnamed capturing groups may may not be mixed in the same rule).
  • handler: subclass to be invoked.
  • kwargs (optional): A dictionary of additional arguments to be passed to the handler’s constructor.
  • name (optional): A name for this handler. Used by .

The URLSpec class is also available under the name tornado.web.url.

Decorators

tornado.web.asynchronous(method)

Wrap request handler methods with this if they are asynchronous.

This decorator is for callback-style asynchronous methods; for coroutines, use the @gen.coroutine decorator without @asynchronous. (It is legal for legacy reasons to use the two decorators together provided @asynchronous is first, but @asynchronous will be ignored in this case)

This decorator should only be applied to the HTTP verb methods; its behavior is undefined for any other method. This decorator does not make a method asynchronous; it tells the framework that the method is asynchronous. For this decorator to be useful the method must (at least sometimes) do something asynchronous.

If this decorator is given, the response is not finished when the method returns. It is up to the request handler to call to finish the HTTP request. Without this decorator, the request is automatically finished when the get() or post() method returns. Example:

class MyRequestHandler(RequestHandler):
    @asynchronous
    def get(self):
       http = httpclient.AsyncHTTPClient()
       http.fetch("http://friendfeed.com/", self._on_download)

    def _on_download(self, response):
       self.write("Downloaded!")
       self.finish()

在 3.1 版更改: The ability to use @gen.coroutine without @asynchronous.

在 4.3 版更改: Returning anything but None or a yieldable object from a method decorated with @asynchronous is an error. Such return values were previously ignored silently.

tornado.web.authenticated(method)

Decorate methods with this to require that the user be logged in.

If the user is not logged in, they will be redirected to the configured .

If you configure a login url with a query parameter, Tornado will assume you know what you’re doing and use it as-is. If not, it will add a parameter so the login page knows where to send you once you’re logged in.

tornado.web.addslash(method)

Use this decorator to add a missing trailing slash to the request path.

For example, a request to /foo would redirect to /foo/ with this decorator. Your request handler mapping should use a regular expression like r'/foo/?' in conjunction with using the decorator.

tornado.web.removeslash(method)

Use this decorator to remove trailing slashes from the request path.

For example, a request to /foo/ would redirect to /foo with this decorator. Your request handler mapping should use a regular expression like r'/foo/*' in conjunction with using the decorator.

tornado.web.stream_request_body(cls)

Apply to subclasses to enable streaming body support.

This decorator implies the following changes:

  • is undefined, and body arguments will not be included in .
  • is called when the request headers have been read instead of after the entire body has been read.
  • The subclass must define a method data_received(self, data):, which will be called zero or more times as data is available. Note that if the request has an empty body, data_received may not be called.
  • prepare and data_received may return Futures (such as via @gen.coroutine, in which case the next method will not be called until those futures have completed.
  • The regular HTTP method (post, put, etc) will be called after the entire body has been read.

There is a subtle interaction between data_received and asynchronous prepare: The first call to data_received may occur at any point after the call to prepare has returned or yielded.

Everything else

exception tornado.web.HTTPError(status_code=500, log_message=None, *args, **kwargs)

An exception that will turn into an HTTP error response.

Raising an is a convenient alternative to calling since it automatically ends the current function.

To customize the response sent with an , override .

参数:
  • status_code () – HTTP status code. Must be listed in unless the reason keyword argument is given.
  • log_message () – Message to be written to the log for this error (will not be shown to the user unless the is in debug mode). May contain %s-style placeholders, which will be filled in with remaining positional parameters.
  • reason () – Keyword-only argument. The HTTP “reason” phrase to pass in the status line along with status_code. Normally determined automatically from status_code, but can be used to use a non-standard numeric code.
exception tornado.web.Finish

An exception that ends the request without producing an error response.

When is raised in a , the request will end (calling if it hasn’t already been called), but the error-handling methods (including ) will not be called.

If was created with no arguments, the pending response will be sent as-is. If was given an argument, that argument will be passed to .

This can be a more convenient way to implement custom error pages than overriding write_error (especially in library code):

if self.current_user is None:
    self.set_status(401)
    self.set_header('WWW-Authenticate', 'Basic realm="something"')
    raise Finish()

在 4.3 版更改: Arguments passed to Finish() will be passed on to .

exception tornado.web.MissingArgumentError(arg_name)

Exception raised by .

This is a subclass of , so if it is uncaught a 400 response code will be used instead of 500 (and a stack trace will not be logged).

3.1 新版功能.

class tornado.web.UIModule(handler)

A re-usable, modular UI unit on a page.

UI modules often execute additional queries, and they can include additional CSS and JavaScript that will be included in the output page, which is automatically inserted on page render.

Subclasses of UIModule must override the method.

render(*args, **kwargs)

Override in subclasses to return this module’s output.

embedded_javascript()

Override to return a JavaScript string to be embedded in the page.

javascript_files()

Override to return a list of JavaScript files needed by this module.

If the return values are relative paths, they will be passed to ; otherwise they will be used as-is.

embedded_css()

Override to return a CSS string that will be embedded in the page.

css_files()

Override to returns a list of CSS files required by this module.

If the return values are relative paths, they will be passed to ; otherwise they will be used as-is.

html_head()

Override to return an HTML string that will be put in the <head/> element.

html_body()

Override to return an HTML string that will be put at the end of the <body/> element.

render_string(path, **kwargs)

Renders a template and returns it as a string.

class tornado.web.ErrorHandler(application, request, **kwargs)

Generates an error response with status_code for all requests.

class tornado.web.FallbackHandler(application, request, **kwargs)

A that wraps another HTTP server callback.

The fallback is a callable object that accepts an , such as an or . This is most useful to use both Tornado RequestHandlers and WSGI in the same server. Typical usage:

wsgi_app = tornado.wsgi.WSGIContainer(
    django.core.handlers.wsgi.WSGIHandler())
application = tornado.web.Application([
    (r"/foo", FooHandler),
    (r".*", FallbackHandler, dict(fallback=wsgi_app),
])
class tornado.web.RedirectHandler(application, request, **kwargs)

Redirects the client to the given URL for all GET requests.

You should provide the keyword argument url to the handler, e.g.:

application = web.Application([
    (r"/oldpath", web.RedirectHandler, {"url": "/newpath"}),
])
class tornado.web.StaticFileHandler(application, request, **kwargs)

A simple handler that can serve static content from a directory.

A is configured automatically if you pass the static_path keyword argument to . This handler can be customized with the static_url_prefix, static_handler_class, and static_handler_args settings.

To map an additional path to this handler for a static data directory you would add a line to your application like:

application = web.Application([
    (r"/content/(.*)", web.StaticFileHandler, {"path": "/var/www"}),
])

The handler constructor requires a path argument, which specifies the local root directory of the content to be served.

Note that a capture group in the regex is required to parse the value for the path argument to the get() method (different than the constructor argument above); see for details.

To serve a file like index.html automatically when a directory is requested, set static_handler_args=dict(default_filename="index.html") in your application settings, or add default_filename as an initializer argument for your StaticFileHandler.

To maximize the effectiveness of browser caching, this class supports versioned urls (by default using the argument ?v=). If a version is given, we instruct the browser to cache this file indefinitely. (also available as ) can be used to construct a versioned url.

This handler is intended primarily for use in development and light-duty file serving; for heavy traffic it will be more efficient to use a dedicated static file server (such as nginx or Apache). We support the HTTP Accept-Ranges mechanism to return partial content (because some browsers require this functionality to be present to seek in HTML5 audio or video).

Subclassing notes

This class is designed to be extensible by subclassing, but because of the way static urls are generated with class methods rather than instance methods, the inheritance patterns are somewhat unusual. Be sure to use the @classmethod decorator when overriding a class method. Instance methods may use the attributes self.path self.absolute_path, and self.modified.

Subclasses should only override methods discussed in this section; overriding other methods is error-prone. Overriding StaticFileHandler.get is particularly problematic due to the tight coupling with compute_etag and other methods.

To change the way static urls are generated (e.g. to match the behavior of another server or CDN), override , , , and/or .

To replace all interaction with the filesystem (e.g. to serve static content from a database), override , , , , and .

在 3.1 版更改: Many of the methods for subclasses were added in Tornado 3.1.

compute_etag()

Sets the Etag header based on static url version.

This allows efficient If-None-Match checks against cached versions, and sends the correct Etag for a partial response (i.e. the same Etag as the full file).

3.1 新版功能.

set_headers()

Sets the content and caching headers on the response.

3.1 新版功能.

should_return_304()

Returns True if the headers indicate that we should return 304.

3.1 新版功能.

classmethod get_absolute_path(root, path)

Returns the absolute location of path relative to root.

root is the path configured for this (in most cases the static_path setting).

This class method may be overridden in subclasses. By default it returns a filesystem path, but other strings may be used as long as they are unique and understood by the subclass’s overridden .

3.1 新版功能.

validate_absolute_path(root, absolute_path)

Validate and return the absolute path.

root is the configured path for the , and path is the result of

This is an instance method called during request processing, so it may raise or use methods like (return None after redirecting to halt further processing). This is where 404 errors for missing files are generated.

This method may modify the path before returning it, but note that any such modifications will not be understood by .

In instance methods, this method’s result is available as self.absolute_path.

3.1 新版功能.

classmethod get_content(abspath, start=None, end=None)

Retrieve the content of the requested resource which is located at the given absolute path.

This class method may be overridden by subclasses. Note that its signature is different from other overridable class methods (no settings argument); this is deliberate to ensure that abspath is able to stand on its own as a cache key.

This method should either return a byte string or an iterator of byte strings. The latter is preferred for large files as it helps reduce memory fragmentation.

3.1 新版功能.

classmethod get_content_version(abspath)

Returns a version string for the resource at the given path.

This class method may be overridden by subclasses. The default implementation is a hash of the file’s contents.

3.1 新版功能.

get_content_size()

Retrieve the total size of the resource at the given path.

This method may be overridden by subclasses.

3.1 新版功能.

在 4.0 版更改: This method is now always called, instead of only when partial results are requested.

get_modified_time()

Returns the time that self.absolute_path was last modified.

May be overridden in subclasses. Should return a object or None.

3.1 新版功能.

get_content_type()

Returns the Content-Type header to be used for this request.

3.1 新版功能.

set_extra_headers(path)

For subclass to add extra headers to the response

get_cache_time(path, modified, mime_type)

Override to customize cache control behavior.

Return a positive number of seconds to make the result cacheable for that amount of time or 0 to mark resource as cacheable for an unspecified amount of time (subject to browser heuristics).

By default returns cache expiry of 10 years for resources requested with v argument.

classmethod make_static_url(settings, path, include_version=True)

Constructs a versioned url for the given path.

This method may be overridden in subclasses (but note that it is a class method rather than an instance method). Subclasses are only required to implement the signature make_static_url(cls, settings, path); other keyword arguments may be passed through but are not standard.

settings is the dictionary. path is the static path being requested. The url returned should be relative to the current host.

include_version determines whether the generated URL should include the query string containing the version hash of the file corresponding to the given path.

parse_url_path(url_path)

Converts a static URL path into a filesystem path.

url_path is the path component of the URL with static_url_prefix removed. The return value should be filesystem path relative to static_path.

This is the inverse of .

classmethod get_version(settings, path)

Generate the version string to be used in static URLs.

settings is the dictionary and path is the relative location of the requested asset on the filesystem. The returned value should be a string, or None if no version could be determined.

在 3.1 版更改: This method was previously recommended for subclasses to override; is now preferred as it allows the base class to handle caching of the result.