`BELONGS_TO` means a user owns an email address. `PRIMARY_EMAIL` means a
user authenticates with that email.
So right now, you get a proper error message if you try to change your
email back to your old email address (because you own it already).
I will make sure to delete the old email so this will be no problem
anymore. But maybe in the future we might have multiple email addresses
per user and then it makes a big difference to use `PRIMARY_EMAIL` or
`BELONGS_TO`.
It might be that people try to register email addresses that they don't own. Then if the actual owner tries to add this email address, she should not get a unique constraint violation. Instead the email will be re-used.
Is this a security issue? Because we re-use the nonce? 🤔
