`heroku drains` on paranoid apps reveals information before 2FA

[cdwort]

When I run heroku drains -a my-paranoid-app, I get this response:

$ heroku drains -a my-paranoid-app
=== Drains
https://password@user.log-drain-recipient.com/drain-endpoint
Two-factor code:

When I enter the wrong code, I see that information again:

$ heroku drains -a my-paranoid-app
=== Drains
https://password@user.log-drain-recipient.com/drain-endpoint
Two-factor code: ****
=== Drains
https://password@user.log-drain-recipient.com/drain-endpoint
 ▸    Supplied two-factor auth code is invalid.

When I do enter the correct code, I get the drain information twice:

$ heroku drains -a my-paranoid-app
=== Drains
https://password@user.log-drain-recipient.com/drain-endpoint
Two-factor code: ****
=== Drains
https://password@user.log-drain-recipient.com/drain-endpoint
=== Add-on Drains
addon1:plan1 (addon-install-haiku1)
addon2:plan2 (addon-install-haiku2)

[cdwort]

I was also not asked for my 2FA key when removing said drain.

[jdx]

For the removal, the CLI does not dictate what requires 2fa and what doesn't, that is driven by the API. I put a PR in to fix the display issue.