Today, the user record does not store which third-party identities a user has signed in with. To support multi-provider sign-in and link/unlink in account settings, we need a record per user per provider that captures the provider name, the user's stable identifier on that provider, and the email reported at link time.
Schema
A new user_identities table:
user_id foreign key to users, on_delete: :delete_allprovider string (e.g. "google")provider_user_id string (the IdP sub claim)email string, snapshotted at link timeinserted_at, updated_at
Unique index on (provider, provider_user_id) so two accounts can't claim the same identity.
Today, the user record does not store which third-party identities a user has signed in with. To support multi-provider sign-in and link/unlink in account settings, we need a record per user per provider that captures the provider name, the user's stable identifier on that provider, and the email reported at link time.
Schema
A new
user_identitiestable:user_idforeign key tousers,on_delete: :delete_allproviderstring (e.g."google")provider_user_idstring (the IdPsubclaim)emailstring, snapshotted at link timeinserted_at,updated_atUnique index on
(provider, provider_user_id)so two accounts can't claim the same identity.