Block password-based login for certain users

In !59673 (merged) we added the possibility to change password by group SAML users.

However, we also found out that there are no checks during login if user are allowed to use password-based login.

To make functionality from mentioned MR fully working, we need to protect two entry-points for password-based login: logging in through UI and logging in using git over http.