Allow for 'one of' user identity attributes (e.g. email OR phone)

[jwag956]

We are very close to being able to support not requiring email and allowing registration with one of rather than all of identity attributes.

While registration would be easy to fix, login already works, 'confirmable' and 'changable' would need some thinking.