We are trying to develop a system where a person creates an account where the username is the person's email address. The problem is, the person can have his own unique account (where he is the admin), plus be a "user" of someone else's account.
The "admin" of an account would be able to assign a person's email address to their account plus create a password for that person to log in as a user.
In MySQL, we are having a problem trying to identify what account to log the person into since the email address is the unique identifier. Is there a better way of doing this?
Obviously, using unique usernames for each account a person was assigned to would solve this issue but we were hoping to use one email address since it would be less to remember for a user.
Any help would be appreciated!
Separation of Concerns principle applies, Separate the two pieces of functionality, (Logging in, and accessing an account) so that they are separate independant functions....
A User logs in, (email and password simply authenticates that he/she is who they say they are). It is not associated with a single account... Separately, associate each account with those users who are allowed to access it. (In Database, this will be many-to-many table)
Then, if the user is an admin and has access rights to more than one account, then ask him/her which account he/she wishes to access.
This has added benefit that if you have auditing needs, you will be able to record, for auditing purposes, not just which account was being used to perform any business functionality, but the actual user who performed the function...