add admin account recovery via setup secret

When email isn't configured, the login page now hides the magic link
form and shows a recovery link. The /recover page logs the setup secret
to server logs and lets the admin reset their password with it.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

test/berrypod_web/live/auth/login_test.exs

@@ -1,5 +1,5 @@
 defmodule BerrypodWeb.Auth.LoginTest do
-  use BerrypodWeb.ConnCase
+  use BerrypodWeb.ConnCase, async: false
 
   import Phoenix.LiveViewTest
   import Berrypod.AccountsFixtures
@@ -75,6 +75,45 @@ defmodule BerrypodWeb.Auth.LoginTest do
     end
   end
 
+  describe "email not configured" do
+    setup do
+      original = Application.get_env(:berrypod, Berrypod.Mailer)
+      Application.put_env(:berrypod, Berrypod.Mailer, adapter: Swoosh.Adapters.Local)
+      on_exit(fn -> Application.put_env(:berrypod, Berrypod.Mailer, original) end)
+      :ok
+    end
+
+    test "hides magic link form and shows recovery link", %{conn: conn} do
+      _user = user_fixture()
+      {:ok, _lv, html} = live(conn, ~p"/users/log-in")
+
+      refute html =~ "Log in with email"
+      assert html =~ "Locked out?"
+      assert html =~ "Recover with setup secret"
+    end
+  end
+
+  describe "email configured" do
+    setup do
+      original = Application.get_env(:berrypod, Berrypod.Mailer)
+
+      Application.put_env(:berrypod, Berrypod.Mailer,
+        adapter: Swoosh.Adapters.Postmark,
+        api_key: "test"
+      )
+
+      on_exit(fn -> Application.put_env(:berrypod, Berrypod.Mailer, original) end)
+      :ok
+    end
+
+    test "shows magic link form and hides recovery link", %{conn: conn} do
+      {:ok, _lv, html} = live(conn, ~p"/users/log-in")
+
+      assert html =~ "Log in with email"
+      refute html =~ "Locked out?"
+    end
+  end
+
   describe "login navigation" do
     test "redirects to setup page when the setup link is clicked", %{conn: conn} do
       {:ok, lv, _html} = live(conn, ~p"/users/log-in")