**Why**: To be able to support Rails 5 without deprecation warnings,
we need to replace `before_filter` with `before_action`.
`before_action` is not supported in Rails 3.2, so we need to bump the
major version number since this will be a breaking change for people
who can't upgrade Rails.
This makes the gem store a signed cookie for a configurable amount of
time that allows the user to bypass 2FA. Our use-case for this is that
we expire user’s Devise sessions after 12 hours, but don’t want to
force them to authenticate using 2FA every day.
Signed cookies are available since Rails 3. This requires the signing
functionality to be properly configured, but is disabled by setting the
config variable to `0`, the default.
Moncef Belyamani
Eugene Surzhko
Marc Lennox
Dmitrii Golub
Kevin Pheasey
Paul Bowsher
JD Trout
Laust Rud Jacobsen
Karol Sarnacki
Ross Kaffenberger
Matt Mueller
Edger
John Bradley