Sometimes the django application is deployed behind a reverse-proxy which manage HTTPS. In such case, django think the connection is plain HTTP unless SECURE_PROXY_SSL_HEADER is set and the reverse-proxy sets the appropriate header/value.
Users need to register, login, logout and reset their password.
