Author Topic: Login Redirect Loop After POST on AbanteCart v1.4.1 – Session/Cookie Not Persist (Read 288 times)

Ali Arslan · « **on:** June 19, 2025, 04:22:47 AM »

Hi Community,

I’m experiencing a persistent issue with AbanteCart v1.4.1 on a live deployment. After submitting the login form, the user is redirected to the expected account/account URL, but then immediately redirected back to the login page without any error message.

Observed Behavior:
Login form submits via POST to account/login with valid credentials.

The response returns 302 Found to account/account (as expected).

Then the browser is redirected again with 302 back to login page.

Final status is 200 OK on the login page – but the user is never authenticated.

No errors appear in AbanteCart logs or server logs.

The customer cookie is issued after login, but gets immediately deleted in the next request.

abolabo · « **Reply #1 on:** June 19, 2025, 04:38:14 AM »

please check this sql-request of upgrade script.
https://github.com/abantecart/abantecart-src/blob/1.4.1/public_html/install/abantecart_database_upgrade.sql#L87

Be sure table customer_sessions presents in the database

Ali Arslan · « **Reply #2 on:** June 19, 2025, 04:47:51 AM »

The table already exists in the database. I'm attaching a screenshot of the customer_session fields. Is the table structure okay?

abolabo · « **Reply #3 on:** June 19, 2025, 06:55:50 AM »

yes, structure is correct.

Do you have some old incompatible extensions installed? Can you try disable them?

Ali Arslan · « **Reply #4 on:** June 19, 2025, 07:22:46 AM »

Thank you for the suggestion.

We’ve checked our extensions and we’ve already switched back to the default extension (replacing the existing one). However, the issue still persists the login completes, but the redirection loops back to the login page instead of proceeding to the account dashboard.

My Observation on this issue !

During the login process, we observed the following behavior:

Credential Submission:
When valid login credentials are submitted via the login form, a POST request is initiated to the login route.

Initial Response

Unexpected Session Deletion:
Upon redirection to the /account page, the server immediately deletes the customer session cookie, as seen in the response headers. This results in the authenticated session being dropped unexpectedly.

Second Redirection (Loop Back to Login):
Because the session is no longer valid, the system interprets the user as unauthenticated and redirects them back to the login page. This creates a loop, preventing access to the account area even with valid credentials.

abolabo · « **Reply #5 on:** June 19, 2025, 09:57:30 AM »

Quote from: Ali Arslan on June 19, 2025, 07:22:46 AM

However, the issue still persists the login completes, but the redirection loops back to the login page instead of proceeding to the account dashboard.

one of such unexpected deleting of session can be 3d-party login extensions.
Try to uninstall them completely if presents.

AromeCity · « **Reply #6 on:** June 19, 2025, 10:56:50 AM »

Ali works for me.

We have not used any third-party logins.

You can check yourself at www.AromeCity.com/shop

News:

Author Topic: Login Redirect Loop After POST on AbanteCart v1.4.1 – Session/Cookie Not Persist (Read 288 times)

Ali Arslan

Login Redirect Loop After POST on AbanteCart v1.4.1 – Session/Cookie Not Persist

abolabo

Re: Login Redirect Loop After POST on AbanteCart v1.4.1 – Session/Cookie Not Persist

Ali Arslan

Re: Login Redirect Loop After POST on AbanteCart v1.4.1 – Session/Cookie Not Persist

abolabo

Re: Login Redirect Loop After POST on AbanteCart v1.4.1 – Session/Cookie Not Persist

Ali Arslan

Re: Login Redirect Loop After POST on AbanteCart v1.4.1 – Session/Cookie Not Persist

abolabo

Re: Login Redirect Loop After POST on AbanteCart v1.4.1 – Session/Cookie Not Persist

AromeCity

Re: Login Redirect Loop After POST on AbanteCart v1.4.1 – Session/Cookie Not Persist