Add flag for disabling new logins

[sethmlarson]

What's the problem this feature will solve?

Credential stuffing attacks are becoming more common. It may be useful to have a flag which disables or restricts logins to prevent credential stuffing attacks from having a widespread impact. Having a flag allows us to regroup and determine next steps without being on a clock.

We already do a great job by having a IP address rate limit and requiring 2FA (so hopefully accounts of high value have already added 2FA?) and having metrics monitoring for login failures so we'd hopefully never need to use the flag. This feature came up in a discussion about credential stuffing that affected other services. I think a fine outcome of this issue is to decide we don't need such a flag.

Other thoughts:

• Maybe can limit logging in to non-2FA accounts instead of all accounts?
• Mike also suggested alternatives such as requiring solving a captcha to login instead of disabling logins completely.

[woodruffw]

In terms of implementation, this would probably another flag under AdminFlagValues:

warehouse/warehouse/admin/flags.py

Lines 21 to 31 in 4d26285

	class AdminFlagValue(enum.Enum):
	DISABLE_ORGANIZATIONS = "disable-organizations"
	DISALLOW_DELETION = "disallow-deletion"
	DISALLOW_NEW_PROJECT_REGISTRATION = "disallow-new-project-registration"
	DISALLOW_NEW_UPLOAD = "disallow-new-upload"
	DISALLOW_NEW_USER_REGISTRATION = "disallow-new-user-registration"
	DISALLOW_OIDC = "disallow-oidc"
	DISALLOW_GITHUB_OIDC = "disallow-github-oidc"
	DISALLOW_GOOGLE_OIDC = "disallow-google-oidc"
	DISALLOW_ACTIVESTATE_OIDC = "disallow-activestate-oidc"
	READ_ONLY = "read-only"