Cannot login to local copy of live website

[floko]

Hi everyone,

I copied all root files, /site and /wire content from our live website to a local XAMPP installation, also a copy of the live database dump.
Now frontend works fine on localhost, but I cannot login to my admin account.
Initially, I received the warning "request was aborted because it appears to be forged" until I suppressed CSRF protection in /wire/config.php
Also I set sessionFingerprint = 0 and sessionChallenge to false in config, additionally I deleted corresponding cookies.
While the warning disappeared, I am still not able to log in.
(Neither do file privileges/permission settings seem to be an issue, as far as I can tell.)

Any idea where to investigate next?
Thank you!
 

 

[bernhard]

Do you have the same userAuthSalt in config.php? If you change that (or it does not exist) you'll not be able to use the same password. 

You can also reset/force-login like this: https://processwire.com/talk/topic/29593-solved-do-the-reset-password-tricks-work-for-you-they-dont-work-for-me/?do=findComment&comment=239355

But it would be better if you understand why it does not work and then fix it if needed 🙂 

[zoeck]

Have you changed the variable “$config->httpHosts” in your config.php so that it contains your local url?

[floko]

Thanks, @zoeck! No, I haven't... So I just tried this and added "localhost" to the array. Login is still not possible (also deleted localhost cookies beforehand).

Edited Tuesday at 10:31 AM by floko

[floko]

@bernhard The salt hash is the same as before, so I can rule that out. Thanks for the hint in any case!
Regarding the workaround script to be placed in site/ready.php: Such a file does not exist. Maybe in the PW version I am using (3.0.206) this was not introduced yet?

[bernhard]

I think the concept of /site/ready.php has been there well before I started using PW in 2013 - so I think you can just create it and it should work. Your issue sounds strange though and I'm not sure what would be best to do. But I'd try to see if it works with force-login and then resetting the superuser password. At least that will show you where the problem lies (either a wrong passwort or something else).

[JosephineNeill]

Have you checked the database for session or user-related issues?

[floko]

Thanks for the hint, @JosephineNeill!

I emptied the table session_login_throttle. Besides that, I don't know where to look: table field_pass maybe? Not sure what this does...

[floko]

@bernhard You are right, I created ready.php with the script lines you suggested and it was indeed executed, including the condition for forceLogin (checked via error_log). However, nothing happened...

Thanks anyway for your suggestion! Was worth a try.

[cwsoft]

Had similar issues with login on local site a while ago using DDEV. I put a config-dev.php into my local site folder and set the $config->httpHosts to my local site domain.ddev.site. In addition I changed the Session suffix for my localsite so I could open live and local site in the browser the same time. Otherwise the sessions will overwrite each other causing weired issues. With this two changes everything works great even live/local site by site in different browser tabs.