User account management

[drzax]

How should we do user account management?

I'm leaning toward passwordless magic link user account management similar to Medium with email address as the unique identifier.

I think we should separate the user and keys tables in the database. Then a user could manage all of their keys from a single 'account'.

[colingourlay]

I'm down with both those suggestions. Separating keys makes sense for multi-key management. Magic link sign in means we never have to store anything other than email (and FK relationships), and because the main use case here is set & forget, only a few people will actually need to do account management anyway.