2779502f3b
Six tests covering: load() exposes ?registered and ?reason; action returns 400 on missing email; 401 with INVALID_CREDENTIALS on backend reject; success re-emits fa_session and deletes legacy auth_token; 500 when backend omits fa_session in Set-Cookie. Closes the frontend coverage gap on the credential- handling logic that moved out of the Java side. Addresses PR #612 / Sara S1. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
3.6 KiB
3.6 KiB