My question is related to git pushes using HTTPS. HTTPS push requests a valid login and password to be accepted. However, these credentials can be completely unlinked to the ones used in the commits.
Is there a way to block HTTPS pushes with credentials different from the last commit being pushed?
Alternatively, a SSH-only authentication would prevent this from happening?
The credentials you are referring to are the login credentials of the internet hosting service (e.g. GitHub, GitLab, etc.) that you are using for your remote.
Those are totally independent from the email address associated with commits you author (that email address is part of your Git configuration).
Since these are completely independent, there is no mechanism to do what you are looking for. SSH authentication would not help since, again, the credentials to the internet service hosting your remote and commits email addresses have nothing to do with one another.
To clarify these concepts:
Login credentials or SSH key pair in online remote hosting services
The role is security, i.e. identity authentication ensuring that you have write access to the remote.
Email address associated with commits
This is a piece of information (along with date and time, author name, and commit message) that Git associates with any commit. You can view this information in Git logs.
So the email address you use to login to GitHub, GitLab, etc. and the email address you have in your Git config can be the same or different. It does not matter at all.