I can confirm that for all of “Email and password”, “Google”, “Facebook” and “Azure AD” login methods, we use the account’s primary email address, and match it against the email column. This means that if I log into an app as meredydd@anvil.works, it doesn’t matter whether I logged in via Google or with a password – I’ll be in the same account.
(If you want, you can of course build a different policy. Authenticate the user however you like – whether with a built-in service like Google or something hand-rolled – find the row in the Users table corresponding to the user you want to log in as, then call anvil.users.force_login() with that row.)