Jump to content

Login under domain alias failed

nalply

By nalply,
in General Support

 Share

Recommended Posts

nalply Jr. Member

nalply

Posted
Posted

I installed Processwire on a server under a domain dev.example.com, so that the website can be prepared at ease.

Now the website is ready. I made same server available under www.example.com. This means, dev.example.com is now an alias for www.example.com.

However I can't login under www.example.com. It says Login failed.

Note that I didn't copy any files. I just changed DNS to point to same server.

Edit

  1. The frontend works fine under the two domains.
  2. Login worked fine under the dev domain.
  3. I reset the password for the new domain. Now the same password doesn't work for the old domain.
  4. Password.php (links to Ryan's Github repo) doesn't say that the domain goes into the password hash or salt (or I didn't read carefully enough). What has happened?
Link to comment
Share on other sites
teppo Hero Member

teppo

Posted
Posted

I'd start by checking the $config->httpHosts setting in /site/config.php. Make sure that all domains are listed there (or none, though that's not really recommended).

If that doesn't help, you could try enabling debug mode temporarily (also via /site/config.php) to see if it displays more information about what exactly went wrong.

  • Like 1
Link to comment
Share on other sites
nalply Jr. Member

nalply

Posted
  • Author
Posted

Thanks. I had the httpHosts configured correctly. So you think this should have worked? That means same server, two domains, same logins?

Perhaps Cloudflare is the problem, because the two domains are cloaked behind different IP addresses. But I have the feeling that this shouldn't be the case.

I wonder what exactly goes into the password hash. There is a global auth salt in install.php at line 680 however this salt is same for both domains. This is used for the password hashing.

Could someone clarify how the hash is calculated, especially which inputs to the hash are used?

Link to comment
Share on other sites
teppo Hero Member

teppo

Posted
Posted

On mobile so just a quick update: vast majority of the sites I manage have more than one domain and I can confirm that logging in works with all domains. Domain name is not a part of the password hash.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...