Add cookie to known sign in check

Previously GitLab only validated a user's remote IP address when
checking if the sign in was known. This adds an encrypted cookie
with an expiry. An unknown sign in email will only be sent if
neither the remote IP nor the cookie can be validated.