Instead of presenting a sign up form to the user, consider creating a temporary guest record so the user can try out the application without filling in their information up front. They can then become a permanent member afterwards.
Keeping passwords and secret tokens in source control is a security risk. Here I show how to move these settings out into a YAML configuration file which can be loaded in as a hash or environment variables.
Authorization can be difficult to implement and test because it often involves complex logic that exists throughout the entire app. Here I demonstrate how to test and implement authorization from scratch.
RubyGems can make it easy to add a feature to a Rails application, but it can also cause headaches down the road. Here I give some tips on researching gems to decide which one to choose, or when to do it from scratch.