Remove controller-level force_ssl checks.

Obsoleted by force_ssl being globally enabled by default.

app/controllers/application_controller.rb

@@ -11,7 +11,6 @@ class ApplicationController < ActionController::Base
   before_action :set_safe_mode
   # before_action :secure_cookies_check
   layout "default"
-  force_ssl :if => :ssl_login?
   helper_method :show_moderation_notice?
   before_action :enable_cors
 
@@ -32,10 +31,6 @@ class ApplicationController < ActionController::Base
     CurrentUser.can_approve_posts? && (cookies[:moderated].blank? || Time.at(cookies[:moderated].to_i) < 20.hours.ago)
   end
 
-  def ssl_login?
-    cookies[:ssl_login].present?
-  end
-
   def enable_cors
     response.headers["Access-Control-Allow-Origin"] = "*"
   end

app/controllers/user_upgrades_controller.rb

@@ -1,7 +1,6 @@
 class UserUpgradesController < ApplicationController
   before_action :member_only, :only => [:new, :show]
   helper_method :user
-  force_ssl :if => :ssl_enabled?
   skip_before_action :verify_authenticity_token, only: [:create]
 
   def create
@@ -57,8 +56,4 @@ class UserUpgradesController < ApplicationController
 
     redirect_to user_upgrade_path
   end
-
-  def ssl_enabled?
-    !Rails.env.development? && !Rails.env.test?
-  end
 end

app/logical/session_creator.rb

@@ -28,14 +28,6 @@ class SessionCreator
         }
       end
 
-      if secure
-        cookies.permanent[:ssl_login] = {
-          :value => "1",
-          :secure => true,
-          :httponly => true
-        }
-      end
-
       session[:user_id] = user.id
       user.update_column(:last_ip_addr, ip_addr)
       return true