The OTP input form is shared by both LDAP and standard logins, but when
coming from an LDAP-based form, the form parameters aren't nested in a
Hash based on the `resource_name` value.

Now we check for a nested `remember_me` parameter and use that if it
exists, or fall back to the non-nested parameters if it doesn't.

Somewhat confusingly, the OTP input form _does_ nest parameters under
the `resource_name`, regardless of what type of login we're coming from,
so that allows everything else to work as normal.