You want to install a new Magento instance (version 1.4.0.1 at the time of this writing) in your machine. You followed every steps from downloading up to the setting up of your admin account. Everything went fine so you assumed you’re good to go. You tried to login using your admin account… nothing happened. You tried again… Same login screen with no error whatsoever. You wonder what went wrong. You checked the files and the database as well as clearing the cache. You even tried resetting your account’s password found in the Magento’s admin_user table using the MD5 function thru phpMyAdmin but to no avail. You gave up and tried to reinstall everything only to be greeted by the very same login screen after clicking the Login button.

The real problem lies when a Magento instance is running through a localhost and tries to create a cookie, but fails to do so because it requires a domain and localhost is not a true domain (thanks to Mohammad Abdul Momin Arju for pointing this out in his blog). You can do a simple check to validate this by using Firefox and Firebug to check if a cookie is being generated by the Magento’s Admin Panel login page.

Magento's Admin Panel Login without cookie being generated upon loading

Magento's Admin Panel Login without a cookie being generated upon loading

At this point, we have to edit the core files without breaking the functionality behind this domain checking feature of Magento. To do this, open the following file:

Copy the Varien.php core file which can be found below:

app\code\core\Mage\Core\Model\Session\Abstract\Varien.php

where we assumed that your root directory is htdocs and inside it is your magento folder.

Paste it in the Magento ‘local’ folder which can be found below (create needed folders if it doesn’t exists) and open the file for editing:

app\code\local\Mage\Core\Model\Session\Abstract\Varien.php

Go to line 96 or locate the code similar below:

if (isset($cookieParams['domain'])) {
    $cookieParams['domain'] = $cookie->getDomain();
}

Replace the code found in line 96 with this one:

if (isset($cookieParams['domain']) && !in_array("127.0.0.1", self::getValidatorData())) {

The purpose of this code change is to disable the Magento’s domain checking only if it is accessed via localhost and run as usual if it is being accessed thru a valid domain.

Clear your browser’s cookies to start with a clean slate then clear the Magento cache by deleting all the contents of the following folder:

var\cache

Access the Magento Admin Panel login again thru localhost while your firebug’s cookie tab being on (http://localhost:8080/magento/index.php/admin/). It should display something similar to the image below indicating that a cookie with an adminhtml name has been generated.

Magento's Admin Panel Login with a cookie being generated upon loading

Magento's Admin Panel Login showing a cookie 'adminhtml' generated after loading

At this point you should be able to login now with your admin username and password using localhost as your domain.