search

nopSolutions / nopCommerce

ASP.NET Core eCommerce software. nopCommerce is a free and open-source shopping cart.
https://www.nopcommerce.com
Other
9.31k stars 5.32k forks source link

Can't login or register (ERR_TOO_MANY_REDIRECTS) #4641

Closed mhdcindioglu closed 4 years ago

mhdcindioglu commented 4 years ago

nopCommerce version: 4.3

Steps to reproduce the problem:

mhdcindioglu commented 4 years ago

I tried to remove this line: [HttpsRequirement] From: Presentation/Nop.Web/Controllers/CustomerController line: 384

and it worked!

Svmurvj commented 4 years ago

I have same problem. What is best solution for that to handle on localhost ?

SelectSystemsInternational commented 4 years ago

I have it setup in both Visual Studio and on IIS and I could not login in either. When I ran the setup on IIS the default settings are not created for SSL (See Image 1). StoreSetup1 I had to manually set the values then restart the webserver. Then I can login (See Image 2) StoreSetup2 I also note the securitysettings.forcesslforallpages Setting is no longer used ?

maplewang commented 4 years ago

I am using Cloudflare SSL, you need add one line in web.config

<httpProtocol> <customHeaders> section to set Use_HTTP_X_FORWARDED_PROTO to true.

<add` key="Use_HTTP_X_FORWARDED_PROTO" value="true" />

check here https://www.nopcommerce.com/en/boards/topic/48285/err_too_many_redirects or here https://www.nopcommerce.com/en/boards/topic/42111/cloudflare-flexible-ssl-and-nopcommerce-problem/page/2

`For those who are still struggling with Cloudflare Flexible SSL, this is how we solved the issue in nop 4.20:

  1. Set UseHttpXForwardedProto = true in Nop.Web/appsettings.json (Cloudflare setups X-Forwarded-Proto header to determine if request is secured. See more https://support.cloudflare.com/hc/en-us/articles/200170986-How-does-Cloudflare-handle-HTTP-Request-headers- ).
  2. Ensure "Always Use HTTPS" setting is enabled in Cloudflare.
  3. Ensure nopCommerce Store "URL" has https schema.
  4. Ensure nopCommerce Store "SSL Enabled" setting is set to true.
  5. Ensure nopCommerce "Force SSL for all pages" is enabled. `
mhdcindioglu commented 4 years ago

The problem is here: RedirectRequest(filterContext, _storeContext.CurrentStore.SslEnabled); If we change this line to: RedirectRequest(filterContext, !_storeContext.CurrentStore.SslEnabled); It worked!

Nop.Web.Framework.Mvc.Filters.HttpsRequirementAttribute.HttpsRequirementFilter.OnAuthorization(AuthorizationFilterContext filterContext)

This value from where? _storeContext.CurrentStore.SslEnabled

SslEnabled is false so app redirect you to http with https port, but in VB localhost http port and https port is different.

zerokewl88 commented 4 years ago

I also had this problem, and was able to resolve this via updating the database and set the following:

Url -> https://[my site url] Hosts -> [changed this to my site host] SslEnabled -> 1

mhdcindioglu commented 4 years ago

The question is: How the normal user can update the store data if he can't login.

skoshelev commented 4 years ago

Closed #4641

skoshelev commented 4 years ago

The question is: How the normal user can update the store data if he can't login.

Unfortunately, the only way to make corrections to the configuration when there is no access to the administration area is to directly edit the database.

chu3kit0 commented 4 years ago

I have it setup in both Visual Studio and on IIS and I could not login in either. When I ran the setup on IIS the default settings are not created for SSL (See Image 1). StoreSetup1 I had to manually set the values then restart the webserver. Then I can login (See Image 2) StoreSetup2 I also note the securitysettings.forcesslforallpages Setting is no longer used ?

it worked for me