Fix Odoo Login Redirect Loop: Page Keeps Reloading After Login

The Problem

You enter your username and password on the Odoo login page, the page appears to submit successfully, but then immediately redirects you back to the login page. No error message, no access to the backend — just an infinite loop of login > redirect > login. This is one of the most frustrating Odoo issues because there is often no error message at all.

What the Browser Shows

# Network tab (F12 > Network):
POST /web/login → 303 See Other → /web
GET /web → 303 See Other → /web/login
GET /web/login → 200 OK (login page again)

# Or:
POST /web/login → 303 See Other → /web/login (direct loop)

Common Causes and Fixes

1. Session Cookie Not Being Set

The most common cause. Odoo sets a session cookie after login, but if it cannot be stored or read back, the next request appears unauthenticated.

Fix — Check cookie settings:

• Open browser DevTools (F12) > Application tab > Cookies
• Look for session_id cookie for your Odoo domain
• If missing: cookies are being blocked
• Common blockers: SameSite restrictions, Secure flag without HTTPS, third-party cookie settings

If using a reverse proxy, ensure cookie domain matches:

# nginx config:
proxy_cookie_path / "/; SameSite=Lax; HTTPOnly";
proxy_cookie_domain localhost yourdomain.com;

2. Reverse Proxy Not Forwarding Headers

Odoo needs correct forwarding headers to generate proper redirect URLs. Without them, Odoo may redirect to the wrong URL or use HTTP instead of HTTPS.

Fix:

# nginx configuration:
location / {
    proxy_pass http://127.0.0.1:8069;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Host $host;
    proxy_redirect off;
}

# In odoo.conf:
proxy_mode = True

If proxy_mode is False but you are behind a proxy, Odoo does not trust the forwarded headers and may generate wrong redirect URLs.

3. Mixed HTTP/HTTPS

If the login form submits over HTTPS but Odoo responds with an HTTP redirect (or vice versa), the browser may block the session cookie.

Fix:

• Ensure the entire flow is HTTPS
• Set proxy_mode = True in odoo.conf
• Configure nginx to redirect all HTTP to HTTPS
• Check the web.base.url system parameter: Settings > Technical > System Parameters > search for web.base.url. It should be https://yourdomain.com

4. Database Selector Issue

If Odoo manages multiple databases and cannot determine which one to use, it may loop between the login page and the database selector.

Fix:

# In odoo.conf, force a specific database:
dbfilter = ^mydb$
db_name = mydb

# Or list only specific databases:
dbfilter = ^(db1|db2)$

5. Session Storage Full or Corrupted

Odoo stores sessions on disk (or in the database for some configurations). If the session directory is full, read-only, or corrupted, new sessions cannot be created.

Fix:

# Check session directory:
ls -la /var/lib/odoo/.local/share/Odoo/sessions/

# Check disk space:
df -h

# Clear old sessions:
find /var/lib/odoo/.local/share/Odoo/sessions/ -mtime +7 -delete

# Check permissions:
chown -R odoo:odoo /var/lib/odoo/.local/share/Odoo/sessions/
chmod 755 /var/lib/odoo/.local/share/Odoo/sessions/

6. User Account Issues

Less common, but the user account itself may have problems.

Check:

• User is active (not archived)
• User has the correct password (try password reset)
• User is assigned to the correct company
• User's action_id (home action) points to a valid action

# In Odoo shell or SQL:
SELECT login, active, company_id, action_id 
FROM res_users 
WHERE login = 'admin';

7. Two-Factor Authentication Loop

If 2FA is enabled but the TOTP module has issues, login may loop because the 2FA step fails silently.

Fix: Temporarily disable 2FA for the user:

-- In PostgreSQL:
UPDATE res_users 
SET totp_secret = NULL, totp_enabled = false 
WHERE login = 'admin';

Then log in and reconfigure 2FA properly.

8. Browser Extensions Blocking

Ad blockers, privacy extensions, or aggressive cookie managers can block Odoo's session cookie.

Fix: Try in an incognito/private window with no extensions. If it works, the issue is a browser extension. Whitelist your Odoo domain.

Diagnostic Steps

1. Try incognito/private window — eliminates cookie/extension issues
2. Check browser DevTools > Network tab for the redirect chain
3. Check browser DevTools > Application > Cookies for session_id
4. Check Odoo logs for authentication errors
5. Verify web.base.url system parameter matches your actual URL
6. Check odoo.conf for proxy_mode and dbfilter settings
7. Test with curl to eliminate browser-specific issues

# Test login with curl:
curl -v -L -c cookies.txt -d 'login=admin&password=admin&db=mydb' \
  https://yourdomain.com/web/login