Open abitdodgy opened 8 years ago
This example has multiple things that I'm not a fan of,
1.) It replaces the authorization only if it expires. I think every time you request a new oauth you should update the expires_at of your access_token
https://github.com/hassox/phoenix_guardian/blob/ueberauth-guardian/web/auth/user_from_auth.ex#L11
2.) If you query an authorization by provider and uid, you don't need to check if uid matches again; it should match since you just queried with it https://github.com/hassox/phoenix_guardian/blob/ueberauth-guardian/web/auth/user_from_auth.ex#L136
I used this tutorial to get started, and I am very grateful; however, I ended up doing things differently, including authenticating off of the user table instead of authorizations.
When using identity login, Ueberauth stores the email address in the authorizations schema. The `provider` is set to identity and the `uid` to the email address. What happens when a user changes his or her email address? The `uid` column in authorizations isn't updated. This is problematic. While it's not hard to solve, I'm not convinced this is a good way to go about this. @hassox what do you think?