I don't know if you've already noticed a bug when updating a user using the same identity from another user.
Example:
Code:
$config['identity'] = 'email';
When I try to update user1's record with user2's email, ion_auth allows it while it should not because the email field acts like a primary key of the users table when it's set as the $config['identity'].
Now, I modified update_user() from ion_auth_model.php into this:
Code:
public function update_user($id, $data)
{
$user = $this->get_user($id)->row();