Currently, if I sign up a user with Google and use that same Gmail address to sign up with email and password there is no validation done to make sure that the email is not already in use.
I can use a pre-registration to check but that only works in one direction because the hooks only fire with email/password logins but not with social logins.
Also, I cant use a rule because those run after users are already authenticated.
So what can I do? How do other people deal with this or do they just allow multiple accounts with the same email addresses. I don’t find that allowing this would be good practice.