Describe the bug

FastAPI Users doesn't correctly handle Gmail addresses with dots. Gmail treats addresses with and without dots as the same (e.g., [email protected] and [email protected] are identical), but FastAPI Users allows creating separate accounts for these variations. This can lead to security and user management issues.

To Reproduce

Steps to reproduce the behavior:

1. Set up a FastAPI Users instance with email authentication.
2. Create a user account with the email [email protected].
3. Attempt to create another account with the email [email protected].
4. Observe that the second account is created successfully, despite representing the same Gmail address.

Expected behavior

FastAPI Users should recognize that Gmail addresses with different dot placements are equivalent and prevent the creation of duplicate accounts. When attempting to create an account with a Gmail address that's identical except for dot placement, it should either:

• Reject the new account creation, or
• Treat it as a login attempt for the existing account

Configuration

Python version: 3.12
FastAPI version: 0.111.0
FastAPI Users version: 13.0.0

Additional context

• This issue only affects Gmail addresses, as other email providers may treat dots differently.
• Implementing a fix will require careful consideration of existing user accounts and potential database migrations.
• A similar approach might be needed for Gmail's "+" alias feature (e.g., [email protected]).
• Reference: Gmail Help: Using dots in Gmail addresses