Fix parameter validation in login.

everaldorodrigo · everaldorodrigo · commit b2f803bd1983 · 2025-08-05T12:37:03.000-07:00
diff --git a/src/handlers/api.py b/src/handlers/api.py
@@ -55,6 +55,12 @@ def set_cache_header(self, cache_value):
 class UserInfoHandler(AuthHandler):
     """ "Handler for /user_info endpoint."""
 
+    # Override prepare method to bypass parameter validation
+    def prepare(self):
+        # Skip the BaseAPIHandler parameter validation
+        # and just call the basic RequestHandler prepare
+        super(BaseAPIHandler, self).prepare()
+
     def get(self):
         # Check for user cookie
         if self.current_user:
@@ -73,11 +79,23 @@ def get(self):
 
 
 class LoginHandler(AuthHandler):
+    # Override prepare method to bypass parameter validation
+    def prepare(self):
+        # Skip the BaseAPIHandler parameter validation
+        # and just call the basic RequestHandler prepare
+        super(BaseAPIHandler, self).prepare()
+    
     def get(self):
         self.redirect(self.get_argument("next", "/"))
 
 
 class LogoutHandler(AuthHandler):
+    # Override prepare method to bypass parameter validation
+    def prepare(self):
+        # Skip the BaseAPIHandler parameter validation
+        # and just call the basic RequestHandler prepare
+        super(BaseAPIHandler, self).prepare()
+    
     def get(self):
         self.clear_cookie("user")
         self.redirect(self.get_argument("next", "/"))
diff --git a/src/handlers/oauth.py b/src/handlers/oauth.py
@@ -11,6 +11,12 @@ class GitHubLoginHandler(BaseAPIHandler, GithubOAuth2Mixin):
 
     SCOPES = []
     GITHUB_CALLBACK_PATH = "/oauth"
+    
+    # Override prepare method to bypass parameter validation
+    def prepare(self):
+        # Skip the BaseAPIHandler parameter validation
+        # and just call the basic RequestHandler prepare
+        super(BaseAPIHandler, self).prepare()
 
     async def get(self):
         CLIENT_ID = self.biothings.config.GITHUB_CLIENT_ID
