01.authentication failed error

[bilma]

hi,

i have updated the prestashop 1.3 sql data to prestashop 1.4.0.14 using update installation method.after that im not able login to front office based on old sql data.

if i register newly in 1.4 then the login in front office is working fine..

but exiting customers(email and password data from 1.3 ) is not login in front office shows authentication failed.


please help me. im very thankful to u

[shokinro]

I think the cookie key to encrypt is changed. If you have back up of your existing site. Try to use old one to see if it solve you problem. The cookie key is defined in file /config/settings.inc.php

define('_COOKIE_KEY_', 'WmkfhewfhehuueiwgeguiwguwegGewPveM0cSZmGgQD');

[Pippo3000]

I think the cookie key to encrypt is changed. If you have back up of your existing site. Try to use old one to see if it solve you problem. The cookie key is defined in file /config/settings.inc.php

define('_COOKIE_KEY_', 'WmkfhewfhehuueiwgeguiwguwegGewPveM0cSZmGgQD');

hi shokinro,

I already posted in some other places on the forum that I face the same authentication error every once in a while with my customers and have no clue how to solve this. especially since I did not upgrade PS since my first install of v1.3.2 and also never uploaded a backup of my database (instead I am obviously adding products and rather make a backup of the database). So I have no clue why some customers cannot login and even the (automatic) password reset does not help. All that seems to help is a manual password reset in the BO. This just did the trick for my most recent customer having issues using his previous password.

plus, I am not so technical and I do not understand:

- why only some customers face this issue and not all when the changed cookie key is supposed to be the culprit

- how to actually re-instate the old cookie key from my database backup, any idea / guidance here

- why it would not affect ALL customers to receive authentication errors once I re-instated the old key; I mean, older customers might be fixed, but how about the latest customers probably used the new (defect) key? will they not get the authentication error now instead if I use the old cookie key, making the problem worse or basically just shifting the problem from one customer range (old) to the other (new/latest)?

phil

[shokinro]

if you have switched cookie key (defined in file /config/setting.inc.php) for what ever reason, there will be always some customer not able to log in.

Here is my explanation, just an example,

On Date1 you installed your store
On Date2 you reinstall or upgraded your store with copy the old cookie key
On Date3 you found a problem and switched to use old cookie key

In above example, customers signed up between Date2 and Date 3 are not able to log in.
Worse case if on Date4 you switched back use the new cookie key, then in this case
Customers signed up Before Date2, or Between Date3 and Date4 are not able to log in.

I am not sure if I answered your question.

[Pippo3000]

if you have switched cookie key (defined in file /config/setting.inc.php) for what ever reason, there will be always some customer not able to log in.

Here is my explanation, just an example,

On Date1 you installed your store
On Date2 you reinstall or upgraded your store with copy the old cookie key
On Date3 you found a problem and switched to use old cookie key

In above example, customers signed up between Date2 and Date 3 are not able to log in.
Worse case if on Date4 you switched back use the new cookie key, then in this case
Customers signed up Before Date2, or Between Date3 and Date4 are not able to log in.

I am not sure if I answered your question.

thanks, I guess it does as this is what I understood. however, what strikes me is that I did neither upgrade PS nor did I ever knowingly change the cookie key. how comes that I nonetheless face the same error plus that probably only few customers have this issue and not all?

phil

[shokinro]

thanks, I guess it does as this is what I understood. however, what strikes
me is that I did neither upgrade PS nor did I ever knowingly change the
cookie key. how comes that I nonetheless face the same error plus that
probably only few customers have this issue and not all?

If the customer is not able to log in all the time, maybe it is related to customer's browser cookie setting.
If the customer can log in after you reset his/her password, then only possibility is that customer forgot his/her password.
Based on the information you gave, that is what I can think. So sorry it might not helpful.

[mmsh]

hi shokinro,
attention 'cause is a real problem... it also happened to me and i don't know why, unique thing i did as particular... was a backup some days ago, to test the gunzip with gzip... and all was ok...until i tried to login with one test user i previous created.
shokinro...
it's really not good authentication failed... for this "cookie" problem or backup problem...
if in database user exists he has to login... and login again in a way or another without any problem...backup or not backup. Please, solve this issue soon 'cause is really important and basic to everyone... i guess

edit:
somewhere i read about authcontroller.php

...
if (!Tools::getValue('is_new_customer'))
              $_POST['passwd'] = trim($_POST['passwd']);

i don't know if it really solves or not... but before this code i tried to change customer password from BO and it didn't work... now instead i change the password myself (admin) and it works...change as customer and it works too.
But at the next backup i will have this big issue again? I can't say customers to register again. Sorry

[mmsh]

also tried with the first test demo user [email protected] ... i can change the password from BO and now it works. What's the problem with

md5(time()._COOKIE_KEY_);

???