Loop In Backoffice Login Page - Prestashop 1.6.4.1

[SDJ]

Hello folks,

I have been searching in google during last two days and reading here in the forum all the threads related to this issue (in spanish and english) with no luck.. So I sincerely expect that some of you can help me to solve the situation.

I have upgraded prestashop from 1.5.6.2 to 1.6.1.4 in both ways, first automatically (1-click-upgrade module) and then manually (following the instructions from http://doc.prestashop.com/display/PS16/Manual+update).

Why both?
Because when I did it automatically I lost access to BO and I could not find a solution. So I upgraded manually and it worked very well. In fact I have been working on the shop during few days with no problems, but when  my colleges tried to access to the shop to do their job they told me that there was an error (infinite loop) in the BO login page.

So I started to test it!
When I try to log into the prestashop BO, it redirects me to the log in page again (with different users accounts, browsers, laptops, OS, source IP addresses, etc.) EXCEPT if I log in with the same browser (firefox) and the same admin account that I used to log in immediately after upgrading. In this situation I have access to the BO)

My current situation is the following:
- I have a clon server of my online-shop, with the new version of prestashop (1.6.4.1) migrated manually.
- I have access to the BackOffice with the admin account that I used after upgrading.
- I can log in again and again to the back office with the admin account when the session expires.
- I can NOT log in with this admin account in the following scenarios:
--> when I try to acces with the same browser but private session.
--> when I try to access from other browsers in the same computer.
--> when I try to access from other computers/OS (gnu/Linux, MACOS, etc) with several browsers (firefox, chrome, etc).
--> when I try to access from other computers from others IP addresses
--> when I try to access with any other user account from any source IP addresses and/or any other computers (neither with new user accounts created to test this issue).

Note: I do not have used the 'logout' functionality with the 'valid admin account' to avoid the risk of losing the access due to any potential stored-cookie deletion.. always log-in when the back office show me the log-in screen, which happens from time to time.

What I have tried to solve this issue with no luck:
- Cleared cache  from the BO (advanced Parameters->Performance->Clear Caché)
- Cleared cache, from all new/different browsers (except from the one that I use to access to the BO with admin account)
- Disabled 'Check IP from Cookie' (administration->Preferences)
- Updated the time for cookie sessions (administration->Preferences)
- Removed root .htaccess and regenerated again by deactivating/activating the 'Preferences->SEO+URL->friendly URL' option.
- Moved temporary the content of /overrides/ folder
- Removed content of /folder-shop/cache/*
- Activate the DEBUG information through /folder-shop/config/defines.inc.php -> "define('_PS_MODE_DEV_', true);"
- Create new user account to try to log-in

Unfortunately any of these actions have worked.

Well, If you have read until here, thank you very much for your time. I appreciate any other idea that you could give me.

SHOP DETAILS:
- Debian 64bits
- Apache 2
- PHP 5.4.45-0+deb7u2
- Prestashop version 1.6.1.4
- MySQL 5.5.47-0+deb7u1
- Required parameters -> OK
- Optional parameters -> OK
 

Thanks!

 

 

**UPDATE**

I have restarted apache with "service apache2 restart" and now I can not even log in with the 'valid admin account'

 

Any idea??

Edited February 17, 2016 by SDJ (see edit history)

[Blue-Garou]

I have the same problem on all my site 

[SDJ]

Solved!

 

In my case, the problem was related to the cookies and the link to access to the BackOffice.

 

In the 1.5.x.x I used the following urls to connect the shop and the backend:

Link to the shop: www.domain.com/shop/

Link to the B.O.:  www.domain.com/admin-dir/

 

Now, I have discovered that the access to the B.O must be via www.domain.com/shop/admin-dir/ to have the correct cookie set by Prestashop. If I access via www.domain.com/admin-dir/ the cookie is set to path /shop/ instead to path /admin-dir/

 

It seems that Prestashop now uses the following configuration for both, clients and admin:

 

Preferences -> SEO & URL -> Link to the shop (Establecer enlace de la tienda)-> Root Directory (Directorio Raiz), in my case /shop/

 

Blue-Garou, I hope you can solve your problem in this way.

[jsteele]

I have the same issue.

[jsteele]

I have to clean my  cookies in order to gain access everytime. So a set aside a browser I don't use  Opera and keep it clean for use of getting into BO.

Prestashop team needs to do a better job, these are the most important aspects of Prestashop.

[manusegarra]

Hi there,

 

Anyone managed to solve this in 1.6?

 

Thanks and regards.

[sibony88]

hello

is there any solution to this problem in prestashop 1.7.2.4

[antoniocici]

Hi there,

I think that this problem is only a bad behaviour of the browsers, in fact if you change the url after the login with the name of another controller, like for example 'controller=AdminOrder', everything works well.

To solve this problem (without change everytime the url manually), I've created a .htaccess file inside my admin folder with the following lines:
 

<IfModule mod_headers.c>
	Header set Cache-Control "no-cache, no-store, must-revalidate"
	Header set Pragma "no-cache"
	Header set Expires 0
</IfModule>

Hope that this solution can be helpful to someone.

 

[sibony88]

On 7.2.2018 at 5:33 PM, antoniocici said:

Hi there,

I think that this problem is only a bad behaviour of the browsers, in fact if you change the url after the login with the name of another controller, like for example 'controller=AdminOrder', everything works well.

To solve this problem (without change everytime the url manually), I've created a .htaccess file inside my admin folder with the following lines:
 

<IfModule mod_headers.c>
	Header set Cache-Control "no-cache, no-store, must-revalidate"
	Header set Pragma "no-cache"
	Header set Expires 0
</IfModule>

Hope that this solution can be helpful to someone.

 

thank you 

it's working !

[zappolo]

On 7/2/2018 at 4:33 PM, antoniocici said:

Hi there,

I think that this problem is only a bad behaviour of the browsers, in fact if you change the url after the login with the name of another controller, like for example 'controller=AdminOrder', everything works well.

To solve this problem (without change everytime the url manually), I've created a .htaccess file inside my admin folder with the following lines:
 

<IfModule mod_headers.c>
	Header set Cache-Control "no-cache, no-store, must-revalidate"
	Header set Pragma "no-cache"
	Header set Expires 0
</IfModule>

Hope that this solution can be helpful to someone.

 

t's working with Prestashop 1.7.3.0! THANKS!!!!

[johnzeta]

On 2/7/2018 at 10:33 AM, antoniocici said:

Hi there,

I think that this problem is only a bad behaviour of the browsers, in fact if you change the url after the login with the name of another controller, like for example 'controller=AdminOrder', everything works well.

To solve this problem (without change everytime the url manually), I've created a .htaccess file inside my admin folder with the following lines:
 

<IfModule mod_headers.c>
	Header set Cache-Control "no-cache, no-store, must-revalidate"
	Header set Pragma "no-cache"
	Header set Expires 0
</IfModule>

Hope that this solution can be helpful to someone.

 

Works!!!!!! thanks so much!!! 

[Skullz0r]

On 2/7/2018 at 4:33 PM, antoniocici said:

Hi there,

I think that this problem is only a bad behaviour of the browsers, in fact if you change the url after the login with the name of another controller, like for example 'controller=AdminOrder', everything works well.

To solve this problem (without change everytime the url manually), I've created a .htaccess file inside my admin folder with the following lines:
 

<IfModule mod_headers.c>
	Header set Cache-Control "no-cache, no-store, must-revalidate"
	Header set Pragma "no-cache"
	Header set Expires 0
</IfModule>

Hope that this solution can be helpful to someone.

 

Great, looking for a solution for weeks, only private browser mode was giving me access. Looks like it is working. Thank you!

[yehanny]

On 2/7/2018 at 10:33 AM, antoniocici said:

Hi there,

I think that this problem is only a bad behaviour of the browsers, in fact if you change the url after the login with the name of another controller, like for example 'controller=AdminOrder', everything works well.

To solve this problem (without change everytime the url manually), I've created a .htaccess file inside my admin folder with the following lines:
 

<IfModule mod_headers.c>
	Header set Cache-Control "no-cache, no-store, must-revalidate"
	Header set Pragma "no-cache"
	Header set Expires 0
</IfModule>

Hope that this solution can be helpful to someone.

 

It was really helpful, no kick out from my admin site anymore, thanks!