Facebook API OAuth security

I want to allow users connect to my website using their facebook account.

First, the user authorizes my application and then I get an access token. Problem is, that I'm supposed on the first time to register the user, and the next time to auto login him based on his facebook email.

How do I create a SECURE way to auto login the user? I'm using pure javascript, but I can't find any way to create a secure开发者_JAVA百科 mechanism.

Thanks.

Facebook should handle all that for you - when they come back to your website, they can click the 'login' button(javascript SDK) and facebook should pass you back an access token.

I may, however, have misunderstood the question.