Hello Magento Friends,
Today’s blog is on How to Login to Magento 2 Admin Dashboard with root script without password.
There are times when you may lose access to your Magento 2 admin account due to a forgotten password or other technical issues. Luckily, Magento 2 allows you to log in to the admin panel without a password. This method uses a root script to create a new admin user or update an existing one so that you can regain access quickly.
Here’s a step-by-step guide to logging in to your Magento 2 admin without a password using a root script.
Steps to Login in to Magento 2 Admin with Root Script:
Step 1: Create a file in your Magento root directory at the below path
magento_root_directory\adminLoginscript.php
Then add the code as follows
<?php
use Magento\Framework\App\Bootstrap;
require __DIR__ . '/../app/bootstrap.php';
/* code for dispaly error */
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
class adminLoginApp extends \Magento\Framework\App\Http implements \Magento\Framework\AppInterface {
public function launch()
{
$areaCode = 'adminhtml';
$username = '{username}'; // admin user name '{username}'
$this->_request->setPathInfo('/admin'); // magento admin path exam. example.com/admin
$this->_state->setAreaCode($areaCode);
$this->_objectManager->configure($this->_configLoader->load($areaCode));
$user = $this->_objectManager->get('Magento\User\Model\User')->loadByUsername($username);
$session = $this->_objectManager->get('Magento\Backend\Model\Auth\Session');
$session->setUser($user);
$session->processLogin();
if($session->isLoggedIn()) {
$remoteAddress = $this->_objectManager->get('Magento\Framework\HTTP\PhpEnvironment\RemoteAddress');
$adminSessionInfo = $this->_objectManager->create('Magento\Security\Model\AdminSessionInfo');
$adminSessionInfo->setData('session_id', $session->getSessionId());
$adminSessionInfo->setData('user_id', $user->getUserId());
$adminSessionInfo->setData('ip', $remoteAddress->getRemoteAddress());
$adminSessionInfo->setData('status', '1');
$adminSessionInfo->save();
$cookieManager = $this->_objectManager->get('Magento\Framework\Stdlib\CookieManagerInterface');
$cookieValue = $session->getSessionId();
if ($cookieValue) {
$sessionConfig = $this->_objectManager->get('Magento\Backend\Model\Session\AdminConfig');
$cookiePath = str_replace('autologin.php', 'index.php', $sessionConfig->getCookiePath());
$cookieMetadata = $this->_objectManager->get('Magento\Framework\Stdlib\Cookie\CookieMetadataFactory')
->createPublicCookieMetadata()
->setDuration(3600)
->setPath($cookiePath)
->setDomain($sessionConfig->getCookieDomain())
->setSecure($sessionConfig->getCookieSecure())
->setHttpOnly($sessionConfig->getCookieHttpOnly());
$cookieManager->setPublicCookie($session->getName(), $cookieValue, $cookieMetadata);
}
$backendUrl = $this->_objectManager->get('Magento\Backend\Model\UrlInterface');
$path = $backendUrl->getStartupPageUrl();
$url = $backendUrl->getUrl($path);
$url = str_replace('adminLoginscript.php', 'index.php', $url); // here adminLoginscript.php script is file name
header('Location: '.$url);
exit;
}
return $this->_response;
}
}
$bootstrap = Bootstrap::create(BP, $_SERVER);
$bootstrap = \Magento\Framework\App\Bootstrap::create(BP, $_SERVER);
/** @var \Magento\Framework\App\Http $app */
$app = $bootstrap->createApplication('adminLoginApp');
$bootstrap->run($app);Step 2: After the above step you will need to run the below-given URL
https://yourdomain.com/adminLoginscript.php
Conclusion:
This is especially useful in emergency situations when you need instant access. But be sure to use this method responsibly and clean up the script after you’re done to maintain the security of your store.
Also read –
How to Set Password Reset Protection Type for Admin in Magento 2
How to Disable Admin Password Expiration in Magento 2
If you have any security-related issues or problems with your Magento site, reach out to us.
Happy Coding!
