| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| v:0.7.0:customers [2010/10/02 07:31] – foxybrett | v:0.7.0:customers [2017/04/26 07:02] (current) – external edit 127.0.0.1 |
|---|
| |
| ===== Saved Payment Information ===== | ===== Saved Payment Information ===== |
| <wrap important>Non-guest customers can have one and only one saved payment method</wrap> associated with their account. If a customer has a subscription associated with his or her account, the checkbox to elect to save the payment method on checkout is required to be checked, and an error explaining this is displayed if it is unchecked. | <wrap important>Customers can have one and //only one// saved payment method</wrap> associated with their account. If a customer has a subscription associated with his or her account, the checkbox to elect to save the payment method on checkout is required to be checked, and an error explaining this is displayed if it is unchecked. |
| |
| What is important to note is that if a customer has an active subscription being paid for by credit card xxxx1234 and makes another purchase in the future using card xxx5678, that new card becomes the only saved payment method for the customer, and all active subscriptions will use that new card when they run. (While this may sound problematic, in 3+ years we haven't heard of it being an issue. That said, if you have a situation where multiple separate payment methods are required please [[http://forum.foxycart.com/|let us know]].) | What is important to note is that if a customer has an active subscription being paid for by credit card xxxx1234 and makes another purchase in the future using card xxx5678, that new card becomes the only saved payment method for the customer, and all active subscriptions will use that new card when they run. (While this may sound problematic, in 3+ years we haven't heard of it being an issue. That said, if you have a situation where multiple separate payment methods are required please [[http://forum.foxycart.com/|let us know]].) |
| |
| ===== Synchronizing Users and Passwords ===== | ===== Synchronizing Users and Passwords ===== |
| | <wrap tip>FoxyCart v0.7.1+ have significantly improved functionality in this area.</wrap> Please check the latest documentation for more information. |
| | |
| Because FoxyCart was built from the ground up to augment and not replace external systems, it is a common occurrence that FoxyCart customer records will need to be created or updated from an external system, or that FoxyCart customers will need to automatically create users in external systems (like a CMS or CRM). Typically an integration like this will primarily use [[.:advanced:transaction_xml_datafeed|the Transaction XML Datafeed]] and [[.:advanced:api|the API]] to create and sync users, and [[.:advanced:sso|Single Sign-On (SSO)]] to make the customer checkout experience seamless. | Because FoxyCart was built from the ground up to augment and not replace external systems, it is a common occurrence that FoxyCart customer records will need to be created or updated from an external system, or that FoxyCart customers will need to automatically create users in external systems (like a CMS or CRM). Typically an integration like this will primarily use [[.:advanced:transaction_xml_datafeed|the Transaction XML Datafeed]] and [[.:advanced:api|the API]] to create and sync users, and [[.:advanced:sso|Single Sign-On (SSO)]] to make the customer checkout experience seamless. |
| |
| While the possibilities for this type of synchronization are near limitless, the single most important thing is usually the customer's password. FoxyCart customer passwords are available via the API as either SHA-1 or MD5 [[http://en.wikipedia.org/wiki/Hash_function|hashes]] (depending on the selection in the FoxyCart store's advanced settings). (If you need alternate hashing methods please [[http://forum.foxycart.com/|let us know]].) While the initial user creation is generally straightforward it can get tricky to maintain sync when passwords are reset, so if you tackle an advanced integration you must ensure that any and all password resetting functionality on your systems simultaneously updates the FoxyCart customer record. | While the possibilities for this type of synchronization are near limitless, the single most important thing is usually the customer's password. FoxyCart customer passwords are returned by the XML datafeed and the API as [[wp>Hash_function|hashes]], and not the actual cleartext password. While the initial user creation is generally straightforward it can get tricky to maintain sync when passwords are reset, so if you tackle an advanced integration you must ensure that any and all password resetting functionality on your systems simultaneously updates the FoxyCart customer record. |
| |
| Once the user creation and synchronization functionality is handled, [[.:advanced:sso|Single Sign-On (SSO)]] allows a customer who's already logged into the merchant's site to continue through to checkout with their user already loaded. This prevents users from needing to log in once to a site, then again on checkout. (SSO checkouts require the [[http://en.wikipedia.org/wiki/Card_Security_Code|CSC]] to be entered, in order to minimize the risk of a malicious user stealing a cookie and processing an order using saved payment information.) | <wrap important>FoxyCart v0.7.1+ offers significantly improved password hashing support, as well as customer-specific hashing methods.</wrap> FoxyCart v0.7.0 only supports the following hashing methods (in alphabetical order, and in PHP pseudocode, using ''$'' to denote a variable, ''.'' to denote concatenation, and a single quote to encapsulate a string) on a //per-store// and not per-user basis: |
| |
| | ; ''md5'' |
| | : **Method:** ''md5($password)'' |
| | : **Configuration:** n/a |
| | : **Notes:** This is provided for legacy purposes, as many older systems may use unsalted MD5 hashes. It is not recommended unless you need to sync with a system that requires it. |
| | ; ''sha1'' |
| | : **Method:** ''sha1($password)'' |
| | : **Configuration:** n/a |
| | : **Notes:** This is provided for legacy purposes, as many older systems may use unsalted MD5 hashes. It is not recommended unless you need to sync with a system that requires it. |
| |
| ===== Updating Customer Information ===== | If you need alternate hashing methods please [[:static:upgrading|upgrade]], as FoxyCart v0.7.1 supports many more hashing methods. |
| FoxyCart allows customers to update their account and billing information by going to the checkout with the [[v:0.7.0:cheat_sheet|''cart=updateinfo'' parameter]] passed into a cart request. This will bypass the cart and send the user straight to a modified checkout template, and will prompt the customer to enter their email address and password. Upon successful authentication their saved information will be presented, at which point the customer can enter their new information and click the button to update their information. | |
| | |
| A "receipt" email will be sent to the customer when the ''updateinfo'' process is completed. Take a look at the default receipt email templates for examples of what it looks like. (We recommend using the HTML versions of the receipt emails.) | |
| |
| | Once the user creation and synchronization functionality is handled, [[.:advanced:sso|Single Sign-On (SSO)]] allows a customer who's already logged into the merchant's site to continue through to checkout with their user already loaded. This prevents users from needing to log in once to a site, then again on checkout. (SSO checkouts require the [[wp>Card_Security_Code|CSC]] to be entered, in order to minimize the risk of a malicious user stealing a cookie and processing an order using saved payment information.) |
| |
| ===== Viewing Customer Transactions ===== | ===== Viewing Customer Transactions ===== |
| While a store admin can easily view and filter transactions by a number of criteria (including by customer email) both in the store admin as well as via the API, FoxyCart does not currently provide a method for a customer to view their own order history. We have discussed adding a customer portal in a future version, so if this appeals to you please [[http://requests.foxycart.com/forums/4162-general-requests/suggestions/1104571-customer-portal-to-view-transactions-subscription|let us know]]. | While a store admin can easily view and filter transactions by a number of criteria (including by customer email) both in the store admin as well as via the API, FoxyCart does not currently provide a method for a customer to view their own order history. We have discussed adding a customer portal in a future version, so if this appeals to you please [[http://requests.foxycart.com/forums/4162-general-requests/suggestions/1104571-customer-portal-to-view-transactions-subscription|let us know]]. |
| |
| |
| |
| |
| |
| |
