In the flow of when a non-logged in user gets sent from SITE to foxycart:
* The instant notification is sent back to SITE when the user is created on foxycart.
* From this information the users account on SITE is created.
* the user clicks the 'continue' button to return to SITE.
WHAT HAPPENS NOW:
The user is asked for their password.
The user thinks ".....ummmmm?"
WHAT I WANT TO HAPPEN:
The user is logged in to the account that just got created for them in the background and now belongs to them.
How do I log that user in?
Places I have thought of so far:
* perhaps the fcsid is sent back when the user comes back via the 'continue' link. Try to use that to match up the user. (fcsid doesn't come back at that point.)
* perhaps i could create the user before they go to foxycart during the SSO check phase then start a session for them then and fill it in with the info from the instant notification. (but that leaves the possibility that they wont complete the transaction and I will have an unknown user in the system with no details about them and they are logged in. seams like a backdoor inviting spam.)
What is everyone else doing in this situation? Sending out the password and asking the user to log back in again after purchase?