Allow customizing whethere the cookie is secure or not

config/initializers/clearance.rb

@@ -2,7 +2,7 @@ Clearance.configure do |config|
   config.allow_sign_up = false
   config.mailer_sender = ENV['SMTP_FROM_ADDRESS']
   config.rotate_csrf_on_sign_in = true
-  config.secure_cookie = true
+  config.secure_cookie = ENV.fetch("SECURE_COOKIE", "true") == "true"
   config.signed_cookie = true
   config.sign_in_guards = ["ActiveGuard"]
 end

env.example

@@ -14,5 +14,6 @@ IFTHENPAY_BO_KEY=XXXX-XXXX-XXXX-XXXX
 IFTHENPAY_AP_KEY=my_anti_phishing_key
 
 BASE_HOST=example.org
+SECURE_COOKIE=true
 RAILS_LOG_TO_STDOUT=true
 RAILS_ENV=production