I don’t think that disabling admin-post.php is a good idea. Such solution may break WP, some plugins and themes.
But there is another, much simpler solution. Just add your action for admin_post (without nopriv) and process it properly – so if it’s a login action and user is already logged in, redirect him to proper url…