Magento login not working: 5 Ways to decide what to do next

3 fool-proof cases you can come up with the issue are:

  • Magento admin login not working: having entered your username and password, the admin panel won’t let you in without error or any other message;
  • Magento customer/frontend login not working: the login form won’t work for Chrome (any other browser), as a result, you are redirected to the frontend login page without any warning;
  • Magento checkout login not working: the customer login on the checkout page won’t work, whereas the login does well everywhere else on the website.

First off, check out whether the issue is your hang-up: enter incorrect login and password to see there is an error message:

  

 

 

Are valid credentials beside the point? Read on. 

What needs to be done to make Magento login work:

The commonest reason for the problem is that the cookie params being set by the Magento backend on your browser are absent or have never been installed.

You need to learn why the cookie’s missing

#1 Check cookie expiration

Having been set, the cookie’s instantly expiring. To check it start with the cookies your browser contains and if there’s one from Magento. 

setcookie (
"CookieName",
"CookieValue",
time (+ (10* 365* 24* 60* 60)
) ;

 

The local time could have been set incorrectly.  This being so, the both timezones applied by Magento should be reviewed. The cookie specification can be set to expire in 10+ years. 

#2 Shift to the localhost interface

Being set to run locally the Apache webserver may be accessed through the localhost (hostname). Thus, the cookie won’t be set due to security configs of the browser. Stop using localhost, but run the localhost interface instead. You need either to shift the base url_values in core_config_data table or to look at your interface configuration. Then delete your contents and reload the page. 

#3 Prove the cookie domain matches the server’s

Go to the core_config_data table via the SQL command and renew it to a less secure -> empty string or a safer -> actual domain: 

System-> Configuration-> Web -> Session Cookie Management

#4 Confirm ‘getBlockHtml’ is there

‘Formkeys’ or getBlockHtml is used for protecting Magento against XSS attacks. It’s saved in the session data and validated during the submission to the server.

<?php echo $this->getBlockHtml (‘formkey’) ; ?>

If something is wrong about it the action won’t be completed.   

#5 Review app\code\core\Mage\Core\Model\Session\Abstract\Varien.php

 Other team developers could have customized app\code\core\Mage\Core\Model\Session\Abstract\Varien.php:

/* to solve login issue */
/*if (!$cookieParams[ 'httponly']) {
unset (!$cookieParams[ 'httponly']);
if (!$cookieParams[ 'secure']) {
unset (!$cookieParams [ 'secure']);
if (!$cookieParams[ 'domain']) {
unset (!$cookieParams[ 'domain']);
}
}
}
if (isset ($cookieParams ['domain'])) {
$cookieParams ['domain'] = $cookie->getDomain();*/ //I have commented these lines

 

Thus, bugs tracking and login work could have been affected. 

The bottom line

Now you know full well the issue can arise at different levels: admin/customer/checkout login is not working. Commonly, the problem stems from incorrectly set cookie params:

  • cookie expiration
  • the localhost access to Apache webserver;
  • cookie domain doesn’t match with the server’s one;
  • ‘formkey’ is missing;
  • app\code\core\Mage\Core\Model\Session\Abstract\Varien.php is customized by other developers.

Having cast about for all the potential causes and put to work one of the active solutions, you’ll finally eliminate the issue. 

Rate the answer?