the simplest way to implement without changing auth table is: 1) user logs in with email/password
2) my app checks if login passed through 3) if not my app checks if the email entered in login matches a list in a different table. 4) if it matches, it checks the password if matches in auth table and if it matches, the login is OK. To make this working I need info on 2) and 4)
