Admin login issue fix.

[engcom-Foxtrot]

Description (*)

Related Pull Requests

magento/security-package#291

Fixed Issues (if relevant)

1. None

Manual testing scenarios (*)

1. Install Magento 2 with --use-rewrites=0 option or set web/seo/use_rewrites to 0 in core_config_data_table.
2. Open URL <magento host>/<backend front name>/ in incognito browser mode.
3. Try to log in as admin.

Actual behavior

Not logged in - page <magento host>/<backend front name>/ reloaded.

Expected behavior

Logged in.

Questions or comments

On the actual 2.4-develop admin session cookie path is generated in \Magento\Backend\Model\Session\AdminConfig::extractAdminPath. This method considers the path part of the base URL. When URL rewrites are disabled, Magento saves admin cookie with /index.php/<backend front name> path (see an attached screenshot), so accessing admin login screen by <magento host>/<backend front name>/ URL does not fit the cookie path.

Contribution checklist (*)

• Pull request has a meaningful description of its purpose
• All commits are accompanied by meaningful commit messages
• All new or changed code is covered with unit/integration tests (if applicable)
• All automated tests passed successfully (all builds are green)

Resolved issues:

1. resolves [Issue] Admin login issue fix. #32100: Admin login issue fix.

[m2-assistant]

Hi @engcom-Foxtrot. Thank you for your contribution
Here are some useful tips how you can test your changes using Magento test environment.
Add the comment under your pull request to deploy test or vanilla Magento instance:

• @magento give me test instance - deploy test instance based on PR changes
• @magento give me 2.4-develop instance - deploy vanilla Magento instance

❗ Automated tests can be triggered manually with an appropriate comment:

• @magento run all tests - run or re-run all required tests against the PR changes
• @magento run <test-build(s)> - run or re-run specific test build(s)
  For example: @magento run Unit Tests

<test-build(s)> is a comma-separated list of build names. Allowed build names are:

1. Database Compare
2. Functional Tests CE
3. Functional Tests EE,
4. Functional Tests B2B
5. Integration Tests
6. Magento Health Index
7. Sample Data Tests CE
8. Sample Data Tests EE
9. Sample Data Tests B2B
10. Static Tests
11. Unit Tests
12. WebAPI Tests
13. Semantic Version Checker

You can find more information about the builds here

ℹ️ Please run only needed test builds instead of all when developing. Please run all test builds before sending your PR for review.

For more details, please, review the Magento Contributor Guide documentation.

⚠️ According to the Magento Contribution requirements, all Pull Requests must go through the Community Contributions Triage process. Community Contributions Triage is a public meeting.

🕙 You can find the schedule on the Magento Community Calendar page.

📞 The triage of Pull Requests happens in the queue order. If you want to speed up the delivery of your contribution, please join the Community Contributions Triage session to discuss the appropriate ticket.

🎥 You can find the recording of the previous Community Contributions Triage on the Magento Youtube Channel

✏️ Feel free to post questions/proposals/feedback related to the Community Contributions Triage process to the corresponding Slack Channel

[gabrieldagama]

@magento create issue

[gabrieldagama]

@magento run all tests

[engcom-Foxtrot]

@magento run all tests

[engcom-Foxtrot]

@magento run all tests

[magento-engcom-team]

Hi @gabrieldagama, thank you for the review.
ENGCOM-8784 has been created to process this Pull Request
✳️ @gabrieldagama, could you please add one of the following labels to the Pull Request?

Label	Description
Auto-Tests: Covered	All changes in Pull Request is covered by auto-tests
Auto-Tests: Not Covered	Changes in Pull Request requires coverage by auto-tests
Auto-Tests: Not Required	Changes in Pull Request does not require coverage by auto-tests

[engcom-Bravo]

❌ QA Failed

Each time after Sign In to Admin Panel, an Invalid security or form key. Please refresh the page. error message appears

[engcom-Foxtrot]

@magento run all tests

[engcom-Foxtrot]

@magento run all tests

[ihor-sviziev]

@magento run Functional Tests B2B, Functional Tests CE, Functional Tests EE

[engcom-Foxtrot]

@magento run all tests

[ihor-sviziev]

@magento run Functional Tests B2B, Functional Tests CE, Integration Tests, WebAPI Tests

[ihor-sviziev]

@magento run Functional Tests B2B, Integration Tests

[magento-engcom-team]

Hi @ihor-sviziev, thank you for the review.
ENGCOM-8784 has been created to process this Pull Request

[engcom-Oscar]

✔️ QA passed

Was checked case from Manual testing scenarios

1. Install Magento 2 with --use-rewrites=0 option or set web/seo/use_rewrites to 0 in core_config_data_table.
2. Open URL <magento host>/<backend front name>/ in incognito browser mode.
3. Try to log in as admin.

❌ Before:
Not logged in - page <magento host>/<backend front name>/ reloaded.

✔️ After:
Logged in.

[m2-assistant]

Hi @engcom-Foxtrot, thank you for your contribution!
Please, complete Contribution Survey, it will take less than a minute.
Your feedback will help us to improve contribution process.