Jump to content
thirty bees forum
  • 0

Back office login loop


zach193563

Question

Hi there,

Step 1) So when I go to my backoffice, this is the link:

https://xxxxxxxxxxx.xxxxxxxx/xxxxxx/index.php?controller=AdminLogin&token=9c89897cbd57c3b70baa7db1430e19b2

Step 2) I then enter the correct email address and password, and it then redirects me to this link: 

https://xxxxxxxxxxx.xxxxxxxx/xxxxxx/index.php?controller=AdminLogin&token=9c89897cbd57c3b70baa7db1430e19b2I

Step 3) I then type in the same email and password, and it then redirects me to this link:

https://xxxxxxxxxxx.xxxxxxxx/xxxxxx/index.php?controller=AdminDashboard&token=48f7e9b66521ab199844652390066545

I have completely uninstalled thirty bees, and began a fresh installation. This issue persisted even on my new, clean installation with no external modules.

Kindly note that in step one the token is not the same as step one. It seems to add an uppercase "I" at the end of the token.

I found an old thread (redirect) from 2019 which I did not want to bump, where somebody had this exact same problem as me and they also had this uppercase "I" at the end of their token on step two. 

Their fix turned out to be PHP-FPM which the hosting company had to resolve. My hosting company have attempted to resolve this with PHP-FPM but it has not fixed it. This seems to be a very isolated issue with only a small number of people having this problem.

To attempt to fix it on my end, I have done the following, even on the fresh, clean installation of thirty bees:

disable mod_security setting, change some settings in configuration table (PS_COOKIE_LIFETIME_BO,PS_COOKIE_CHECKIP,"PS_CIPHER_ALGORITHM"), check  ps_shop_url, make changes in ps_advice table, change theme, switch off multiviews. 

(That was copied and pasted from the similar thread which had this issue. I have tried all of these steps to no avail)

For hosting, we are using Namecheap's shared Stellar program 

Configuration Information

Quote

CONFIGURATION INFORMATION

This information must be provided when you report an issue on our bug tracker or forum.

 SERVER INFORMATION

Server information Linux #1 SMP Sat May 7 10:18:11 UTC 2022 x86_64

Server software version LiteSpeed

PHP version 8.1.13

Memory limit 1024M

Max execution time 1500

 DATABASE INFORMATION

MySQL version 10.3.37-MariaDB-cll-lve

MySQL server localhost

MySQL name xxxx

MySQL user xxxx

Tables prefix tbbb_

MySQL engine InnoDB

MySQL driver DbPDO

 STORE INFORMATION

Thirty bees version: 1.4.0

Thirty bees revision: 1.4.0

Build for PHP version: 8.1

Shop URL http://xxxxxxxx/

Current theme in use Niara

 MAIL CONFIGURATION

Mail method You are using your own SMTP parameters.

SMTP server: xxxxxxxxxxxxx

SMTP username: xxxxxxxxxxxx

SMTP password: xxxxxxxxxx

Encryption xxxxxxxxxx

SMTP port xxxxxxxxx

 YOUR INFORMATION

Your web browser Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Edg/108.0.1462.54

 CHECK YOUR CONFIGURATION

Required parameters OK

Optional parameters OK

It appears this is a big problem it goes back a long time when you google "prestashop admin login loop" this is spontaneous and I have now found two/three other threads on the thirty bees website describing this. Please help...

 

If anyone would like to attempt to reproduce this, please send me a message and I will give you an account with limited access to the back office area.

 

 

Edited by zach193563
Explained that this issue has multiple threads on different forums since 2014.
Link to comment
Share on other sites

8 answers to this question

Recommended Posts

  • 0
9 hours ago, datakick said:

This is a bug in 1.4, already fixed in bleeding edge:

https://github.com/thirtybees/thirtybees/commit/6a4f9d59a6af67b79546aca8d8af8aebf589ae81

Please can you tell me how to update to bleeding edge? We currently have 1.4 stable. I check the Core Updater tab and nothing on there talks about bleeding edge? it just says checking your installation

 

Link to comment
Share on other sites

  • 0
12 hours ago, musicmaster said:

Does this also solve the double login phenomena that I see on a stable 1.4? The first time nothing happens and the second time i am in.

Yes. Fix is in both bleeding edge, and 1.4.x (bleeding edge for upcoming 1.4.1 bufix release)

Link to comment
Share on other sites

  • 0
12 hours ago, zach193563 said:

Please can you tell me how to update to bleeding edge? We currently have 1.4 stable. I check the Core Updater tab and nothing on there talks about bleeding edge? it just says checking your installation

Go to Core Updater settings page (either click on Configure from Module list, or open core updater and click on Settings in upper right corner), and in distribution channel choose Bleeding Edge.

image.png.26cf2182e156bd668ee883501ccf7966.png

Link to comment
Share on other sites

  • 0
1 hour ago, datakick said:

Go to Core Updater settings page (either click on Configure from Module list, or open core updater and click on Settings in upper right corner), and in distribution channel choose Bleeding Edge.

image.png.26cf2182e156bd668ee883501ccf7966.png

It worked!! The only thing that worries me is this is bleeding edge so meant be for testing only whereas I am using it on a live business that transacts daily. Should I be concerned?

Link to comment
Share on other sites

  • 0
24 minutes ago, zach193563 said:

It worked!! The only thing that worries me is this is bleeding edge so meant be for testing only whereas I am using it on a live business that transacts daily. Should I be concerned?

It's true that bleeding edge is not intended for production use. I personally use it on my production server, but that's because I know what I'm doing, and I'm fine with the risk 🙂

Bleeding edge changes quite often, and sometimes it contains some new bugs. This version should be deployed to testing environment, if you have any. If not, I strongly suggest you to create one -- so you can continuously test the upcoming release, and see if you are in need for any modifications. And provide feedback to us if you encounter any issue, so we have a chance to fix it before official release.

For production, I recommend you use 1.4.x branch -- it can be found in 'Custom target'. This is bleeding edge for upcoming bugfix release 1.4.1.  

image.png.b7acc16eb853b699fc3bbf414586e9b4.png

The diference between main (bleeding edge) and 1.4.x is that main contains bugfixes, new feature work, refactoring, code maintenance, etc. On the other hand, 1.4.x receives only well understood bug fixes. There are no new features or refactoring that could cause unnecessary troubles. One could argue that 1.4.x is more stable than stable release 🙂

Link to comment
Share on other sites

  • 0
21 minutes ago, datakick said:

It's true that bleeding edge is not intended for production use. I personally use it on my production server, but that's because I know what I'm doing, and I'm fine with the risk 🙂

Bleeding edge changes quite often, and sometimes it contains some new bugs. This version should be deployed to testing environment, if you have any. If not, I strongly suggest you to create one -- so you can continuously test the upcoming release, and see if you are in need for any modifications. And provide feedback to us if you encounter any issue, so we have a chance to fix it before official release.

For production, I recommend you use 1.4.x branch -- it can be found in 'Custom target'. This is bleeding edge for upcoming bugfix release 1.4.1.  

image.png.b7acc16eb853b699fc3bbf414586e9b4.png

The diference between main (bleeding edge) and 1.4.x is that main contains bugfixes, new feature work, refactoring, code maintenance, etc. On the other hand, 1.4.x receives only well understood bug fixes. There are no new features or refactoring that could cause unnecessary troubles. One could argue that 1.4.x is more stable than stable release 🙂

I just switched to it now. All seems to be working, it probably is more stable than the stable release as it'll have some fixes and tweaks 😛 Thank you ❤️ 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...