Reverse SSO: Logging Into Your Site After Checkout
If you are asking the FoxyShop datafeed endpoint to create user accounts on your site, you can customize the receipt to automatically log the user in to your WordPress site. This means that by the time they get back to your site their account will already have been created and they will be logged in. In order to utilize this feature, please see the following requirements:
- Must be using FoxyCart 2.0+
- Must be using FoxyShop 4.6+
- Must have SSO enabled
- The datafeed should be pointed to FoxyShop
- “Create/Update WordPress User After Checkout” should be checked in FoxyShop Settings
You can either replace the “Continue” button url with a special login link, or you can have the checkout do a behind-the-scenes JSONP call which will send the login request immediately and transparently.
To replace the button url, place this code on in the Custom Footer box of your custom configuration section in the FoxyCart admin, while replacing YOURSITE.COM with your website’s url.
If you would prefer to use the JSONP method to have the user logged in dynamically in the background, use this code sample instead. If you do use the JSONP method, you’ll need to make sure that you also check the receipt option at FoxyCart to “Redirect to http receipt instead of https” so that the ajax request doesn’t have a security failure.
By default, this script will allow the link to work for five minutes after the order is placed. If you want to allow more time, you can adjust the date modification in the timestamp on line 2. It can be 1 hour or 1 day (or 1 year). But the longer the timestamp expiration, the more risk that the link could be misused.