Great question. We faced the same problem - there are a couple of approaches here:

1. As a product, we can decide that we will only allow logins with either email or phone number. If FB doesn't return you an email - which means user signed up with phone number, you can throw an error saying that - We cannot associate accounts with emails not specified. This can work if emails is absolutely needed for your product - but this will not provide a great experience to the user.

2. Another way is to store the user id not just as email but instead support both - something like phone:XXXXXXX or email:XXXXXXX - this way you can validate based on the FB return data if the email or the phone combination is present in your DB. This will allow us to allow signin with both.

In this blog, I had only talked about email - but the #2 approach will actually support both phone and email and should be a better approach going ahead.