feat: Implement modal-based MFA step-up

src/pages/Auth.tsx

@@ -121,6 +121,24 @@ export default function Auth() {
       
       // Track auth method for audit logging
       setAuthMethod('password');
+
+      // Check if MFA step-up is required
+      const { handlePostAuthFlow } = await import('@/lib/authService');
+      const postAuthResult = await handlePostAuthFlow(data.session, 'password');
+
+      if (postAuthResult.success && postAuthResult.data.shouldRedirect) {
+        console.log('[Auth] MFA step-up required');
+        
+        // Get the TOTP factor ID
+        const { data: factors } = await supabase.auth.mfa.listFactors();
+        const totpFactor = factors?.totp?.find(f => f.status === 'verified');
+        
+        if (totpFactor) {
+          setMfaFactorId(totpFactor.id);
+          setLoading(false);
+          return; // Stay on page, show MFA modal
+        }
+      }
       
       console.log('[Auth] Sign in successful', {
         user: data.user?.email,