Redirect to homepage after entering wrong User password

[Bmacuser1]

Hi guys

Use case: Login to user account" /customer/account/login/ "After entering the wrong pw you get a redirect to the homepage and the default error message here

Expected result: Stick on the same page (" /customer/account/login/) and get the error message here to retry.

We have installed 2.2.4 on nginx server and default Whitelist rules only. Disable Module in Backend doesnt change anything. We have to disable the plugin via command line to get the usual expected result.

Any ideas to solve it or what might cause the issue? Thanks Björn

[shochdoerfer]

Do you have any other modules installed, some custom settings in your nginx config or maybe Varnish involved?

I am not able to reproduce the behaviour locally on my test setup. You should not be redirected to the homepage at all, thing should actually work as you expect them to work.

[Bmacuser1]

Sorry for my late response. Traveling and broken mac...Yes we run on MGT commerce Hosting and they manage the server and have Vanish running. We can exclude sites for vanish but my test didnt solved it yet. I excluded "customer/account/login/referer" I you have any ideas i appreciate some inputs. otherwise we try to find a solution.

[shochdoerfer]

Hard to say without seeing what is going on. Any specific reason why you are using version 2.2.4, ideally you should use the latest version 3.0.1.

[Bmacuser1]

Did not mentioned it correctly. We use the last version of your extension and Magento 2.2.4 CE Version. Did you test it with this version? We have the extension disabled in the backend and it creates still the issue. In our case it redirects from the Wholesale Site to the Retail site. We have our domain 123.com for Retail and 123.com/ws for Wholesale which protects the site with your extension.

It redirects from the 123.com/ws to 123.com home site after using wrong credentials for login. It was all working correctly when we disabled the Plugin via command line. Today we test more in detail with our developer to see which areas causes the issue and update any news

[shochdoerfer]

We tested the module with a default install of Magento 2.2.4 and it seems to work as it should be. When you disable the module in the backend, no redirect should happen. Not exactly sure what causes this issue.

Are Retail and Wholesale 2 different store views, stores or websites?

[Bmacuser1]

We tried different tests this week. Retail and Wholesale are 2 different Websites.

Our tests: -with vanish disabled, -backend module disabled -removing all our own whitelist rules to just work with default whitelist rules

Only when i disable the entire module via command line I get the expected result. Login on Wholesale site and staying on this site as the usual magento login process. With module enabled i have to go back to the wholesale site and i can access my account. its just a redirect from wholesale website to retail website home. We are now really on our limits to test. Next week we have to go live. Maybe you have any ideas to test more which might cause the issue.

[shochdoerfer]

Sorry but I can't really follow along. Seems like the problem is something different than you initially reported. Could you please outline a bit better your setup and what you want to achieve? Feel free to email me, see the composer.json for my email address.

[der-workfloh]

Hi @Bmacuser1 ,

can you try an set a different target url in der administration configuration for the specific website (123.com/ws) with the full path?

So that the target url is: 123.com => customer/account/login/ 123.com/ws => ws/customer/account/login/

You can find this configuration at Stores > Configuration > Force Login (you may review the documentation section)

Hope this helps and best regards!

[shochdoerfer]

Does #122 fix your problem?

[Bmacuser1]

Thanks for all your help guys. I have to mention here. The original post issue has been solved in between maybe a setting issue. But with 2.2.4 and multistore website + vanish its not an issue there.

Lately we had only one issue to get correctly redirected after login.

Use case was we have been redirected from our wholesale website to the retail website instead of staying on the site where the forcelogin extension is enabled.

Solution here is: #122

[der-workfloh]

Hi @Bmacuser1 ,

i dont think #122 is a correct solution, as I dont see a controlled behaviour behind the `getRedirectUrl();``call of how to redirect to a specific target if the visitor is not logged in. As I described above, your problem should be solved by simple configuring the target Url in the configuration area and override the configuration for the wholesale website. Afaik, no changes required.

Best regards

[Bmacuser1]

Hi @websharp

we have done the redirect solution already. As mentioned i have tried your solution first. 123.com => customer/account/login/ 123.com/ws => ws/customer/account/login/

123.com/ws is the root directory of website 2. When i enter the ULR mentioned, i get 123.com/ws/ws/customer/account/login

Did you mean something else?

[der-workfloh]

Hi @Bmacuser1 ,

thanks for the feedback and the testing.

I understood the following as your problem:

Base Url (Configured Target Url) => Resolved Redirection
123.com (customer/account/login/) => 123.com/customer/account/login/
123.com/ws (customer/account/login/) => 123.com/customer/account/login/

By what it is expected from the module so far:

Base Url (Configured Target Url) => Resolved Redirection
123.com (customer/account/login/) => 123.com/customer/account/login/
123.com/ws (customer/account/login/) => 123.com/ws/customer/account/login/

I assumed maybe the URL components method to retrieve the base url may be resolving only 123.com for all of your stores / websites ( see ). That is why I proposed to change the target url for the specific website. For now, I am not clear of which situation your are in.

There is a Unit Test for this situation, which may be not sufficient enough to verify the correct functionality ( see ).

In the PR #122 it is not clear, where the redirection URL is coming from and this may result in more unexpected behaviour. The target URL configuration is exactly for this purpose to define a specific, known endpoint.

I hope to find some time soon to look more into this.

Best regards

[der-workfloh]

@Bmacuser1

you may want to test #123 if it resolves your issues.

Best regards