265 logged in user cannot see their own private files raw

[notKamui]

Closes #265

Added two new environment variables (YOU MUST CHECK THEM OUT):

• HEDERA_SECURE_COOKIES (default true): whether cookies should be secure or not
• HEDERA_SERVER_PROXIED (default false): to tell hedera whether or not to handle (X)ForwardedHeaders headers or not

This is extremely important because cookies can be secure ONLY in the context of SSL. If the server is not secured behind an SSL certificate, the user will get this error on login

This is also why we need to let the user choose if the server is proxied, to check the SSL certificate one level higher. (we should test this further)

[notKamui]

still needs to be tested in prod mode

[notKamui]

Seems good, do check the description of the PR