CREATE TABLE IF NOT EXISTS maplepress.users_by_email (
    tenant_id UUID,
    email TEXT,
    id UUID,
    first_name TEXT,
    last_name TEXT,
    name TEXT,
    lexical_name TEXT,
    timezone TEXT,
    role INT,
    status INT,
    password_hash TEXT,
    password_hash_algorithm TEXT,
    -- Profile data
    phone TEXT,
    country TEXT,
    region TEXT,
    city TEXT,
    postal_code TEXT,
    address_line1 TEXT,
    address_line2 TEXT,
    has_shipping_address BOOLEAN,
    shipping_name TEXT,
    shipping_phone TEXT,
    shipping_country TEXT,
    shipping_region TEXT,
    shipping_city TEXT,
    shipping_postal_code TEXT,
    shipping_address_line1 TEXT,
    shipping_address_line2 TEXT,
    profile_timezone TEXT,
    agree_terms_of_service BOOLEAN,
    agree_promotions BOOLEAN,
    agree_to_tracking_across_third_party_apps_and_services BOOLEAN,
    -- Security data
    was_email_verified BOOLEAN,
    code TEXT,
    code_type TEXT,
    code_expiry TIMESTAMP,
    otp_enabled BOOLEAN,
    otp_verified BOOLEAN,
    otp_validated BOOLEAN,
    otp_secret TEXT,
    otp_auth_url TEXT,
    otp_backup_code_hash TEXT,
    otp_backup_code_hash_algorithm TEXT,
    -- Timestamps
    created_at TIMESTAMP,
    updated_at TIMESTAMP,
    -- Metadata
    created_by_user_id TEXT,
    created_by_name TEXT,
    modified_by_user_id TEXT,
    modified_at TIMESTAMP,
    modified_by_name TEXT,
    last_login_at TIMESTAMP,
    -- CWE-359: IP address tracking for GDPR compliance (90-day retention)
    created_from_ip_address TEXT,
    created_from_ip_timestamp TIMESTAMP,
    modified_from_ip_address TEXT,
    modified_from_ip_timestamp TIMESTAMP,
    PRIMARY KEY ((tenant_id, email))
);