The reason this functionality broke is a different implementation of Mendix's Core.InitializeSession(user, sessionID) method, which is used to upgrade the anonymous session to a full session. In Mendix 6, you keep your old sessionID. In Mendix 7, a new sessionID is created. This means that for Mendix 7, you will need to update the user's cookie. To do so, you need a request handler.
Please see the upgraded module I've sent you through email.
Are anonymous user enabled?
Yes because in this way 2FA is activated.