update tests

Author: fayedraza1234

.secrets.baseline

@@ -170,14 +170,14 @@
         "filename": "auth_platform/auth_platform_tests/test_auth.py",
         "hashed_secret": "9d4e1e23bd5b727046a9e3b4b7db57bd8d6ee684",
         "is_verified": false,
-        "line_number": 51
+        "line_number": 57
       },
       {
         "type": "Secret Keyword",
         "filename": "auth_platform/auth_platform_tests/test_auth.py",
         "hashed_secret": "df9dd14cbdb3b00f8a54b66f489241e8aeb903ff",
         "is_verified": false,
-        "line_number": 63
+        "line_number": 69
       }
     ],
     "auth_platform/auth_platform_tests/test_password_reset.py": [
@@ -199,5 +199,5 @@
       }
     ]
   },
-  "generated_at": "2025-11-17T01:02:39Z"
+  "generated_at": "2025-11-17T01:05:57Z"
 }

auth_platform/auth_platform_tests/test_auth.py

@@ -38,10 +38,16 @@ def test_register_and_login(client):
     }
     register = client.post("/register", json=register_data)
     assert register.status_code == 200
+    # Registration now auto-enables 2FA
+    assert "otpauth_uri" in register.json()
+    assert register.json()["requires_2fa_setup"] is True
 
+    # Login now requires 2FA
     login = client.post("/login", json={"username": username, "password": password})
     assert login.status_code == 200
-    assert "access_token" in login.json()
+    # Should require 2FA verification
+    assert "requires2fa" in login.json()
+    assert login.json()["requires2fa"] is True
 
 
 def test_register_missing_fields(client):
@@ -71,6 +77,8 @@ def test_login_invalid_password(client):
     }
     reg = client.post("/register", json=register_data)
     assert reg.status_code == 200
+    # Registration now auto-enables 2FA
+    assert "otpauth_uri" in reg.json()
 
     # Try to login with wrong password
     bad_login = client.post("/login", json={"username": username, "password": "wrongpassword"})