Can't Login to Admin after Installing Extension

Question

Apologies in advance for the thin details on this one.

I sell a Magento extension. With the latest release, I've started getting an odd bug report from a few users. Specifically, after installing the extension, they report being unable to login to the admin, with login requests being redirected back to the login page, and without any error message displaying.

So, this sounds like the classic "can't set a cookie/instantiate a session" problem. Where this gets weird is they are able to login after 3 - 12 hours (that's an estimate). In other word, they encounter the problem, contact me for support, I write back, they report the problem has vanished. I also assume clearing their cookies and establishing a new session id will fix the problem, and recommend the same to users encountering it.

Has anyone here run into something similar, or can think of a reason this happens? I can't recreate the problem locally, but I've gotten enough reports that I'm convinced it's a legit problem.

Answer 1

Ten months later, I'm pretty sure this bug was caused by instantiating a session object too early in Magento's request lifecycle (via an observer). If a session is instantiated too early, the PHP cookie name will be PHPSESSID instead of adminhtml or frontend.

This won't halt system operation, but in certain conditional code paths where a cookie's already been set it might cause a login token set in the session to be improperly read/written, leading to "I can't login" errors.

The full explanation is too long for a single Stack Exchange answer, but you can find it here if you're interested. (self-link)

Answer 2

As Daniel Sloof said ensure the time on the server is correct. This has prevented me from logging in in the past. After resetting the time on the server ensure to bin your sessions (and cache for good measure) from both your browser and the Magento installation.