I think we should do two things here:
- when the user changes their email, scrub their
GoogleUserInforecord if it exists. This avoids the common scenario of “I changed my email and now I can’t login via Google” - when there is a conflict, report a proper error with a useful way forward
EDIT: after further consideration, if the user can login to the Google account then they have access to the account’s email and could perform a local password reset to gain access (if enabled). So I don’t think we’re introducing any problems by scrubbing any existing GoogleUserInfo record if BOTH the google_user_id and email address are different.