php - How Reliable the Login System, Where Database Has No Unique Column and Email Can Be Duplicatable

Closed. This question needs to be more focused. It is not currently accepting answers.

Answer

Solution:

Since the question is "How reliable". The answer is: It can be very reliable.

You still have a unicity in Domain+email. You will need to rework your auth middlewares and have the Domain as a requirement for each interraction with authentified routes (session, url, or other solutions) And rework your Authentification controllers.

About the structure, it's up to you to decide if you should have:

a unique user across all domains:
- Have a pivot table between users and domains to link the user to each domain with the password in the pivot table (if you want different password per domain)
- Pros: You can have only one profile editing across all domains.
- Cons: manage a many to many relation.
Multiple users with same email but unique combination email + domain.
- Pros: none
- Cons:
  - profile updating (password/image/statuses/...)
  - redondancy and lack of integrity
  - Relation between users and other models that are independant of the domain.

Source