Release v2.1: GDPR, passkeys, session management, admin redesign

Co-authored-by: Cursor <cursoragent@cursor.com>

app/bootstrap.py

@@ -104,9 +104,29 @@ def ensure_photo_storage_column():
     db.session.commit()
 
 
+def ensure_user_privacy_columns():
+    inspector = inspect(db.engine)
+    if "users" not in inspector.get_table_names():
+        return
+    db.session.execute(
+        text(
+            "ALTER TABLE users ADD COLUMN IF NOT EXISTS "
+            "gdpr_accepted_at TIMESTAMP WITH TIME ZONE"
+        )
+    )
+    db.session.execute(
+        text(
+            "ALTER TABLE users ADD COLUMN IF NOT EXISTS "
+            "cookie_analytics BOOLEAN NOT NULL DEFAULT FALSE"
+        )
+    )
+    db.session.commit()
+
+
 def run_schema_migrations():
     ensure_schema()
     ensure_group_limit_columns()
+    ensure_user_privacy_columns()
     from app.folders import ensure_folder_schema
 
     ensure_folder_schema()