Set secure flag for remember_me cookie

[paderinandrey]

Added the ability to set the secure flag for the remember_me cookie

Please ensure your pull request includes the following:

• [x] Description of changes
• [x] Update to CHANGELOG.md with short description and link to pull request
• [x] Changes have related RSpec tests that ensure functionality does not break

[joshbuker]

Ah, so this allows users to set secure cookies to true without needing force_ssl = true.

Just to sanity check, @paderinandrey does your use-case prevent you from using force_ssl (which also enables secure cookies)?