I believe the inconveniences are worth it when your users aren't power users or even that proficient with a computer; and your users select passwords like "snoopy55" or "ilovejesus".
If the aim of the game is to produce a non-critical system that's accessed rarely, and your users need protecting against themselves, then this "magic token" approach works fine.
I can't please everyone, and those who I can't please I'm happy to lose as (paying) users/customers.
Those people are also far more likely to have their email breached, along with the logins you provided on a silver platter. Also they can't log in to your site when the third party email provider goes down. I understand why you prefer this approach for your site, but can not recommend having such strong third party dependencies.
Also, personally, not a fan of losing access because e.g: Google disabled my account. I avoid google and fb login like the plague. (I am slowly looking to migrate off/away)
If the aim of the game is to produce a non-critical system that's accessed rarely, and your users need protecting against themselves, then this "magic token" approach works fine.
I can't please everyone, and those who I can't please I'm happy to lose as (paying) users/customers.