General Tidy Up and Code Review

OK, there is more to do here... but in a nutshell:

Large scale clean up to reduce complexity and improve on single responsibility principle

Remove any responsibility of the receipient from Auth Token
Remove recipient_email from AuthToken - no longer needed
Greatly simplify AuthTokenController
Removing generating temporary auth_tokens, not needed
Remove need AuthToken#generate, rely on before_validation AuthToken#set_defaults method
Move validation from auth_token_controller into models/auth_token
Move session[:validated_email] into a set of helper methods
Rename ApplicationController#check_session into the consistent session helper methods
Simplify and split :open, :limited and :closed system checks into auth_token and secret
Require both the secret UUID and correct key to show a secret (helps prevent fishing)
Validate the recipients email when they click the link and the secret key is correct
Move validation from secret_controller into models/secret
Adds reply_to on email per issue #31 (snuck in there)
Remove SecretService.encrypt_existing_secret
Remove need to pass around request host, use _url route helper in mailers instead
Improve feedback to user with better error messages
Remove error trace dump from error message, report to Bugsnag instead
Remove ability (and need) to edit secrets at all
- Note, we could add this back once we have validated users
Some prep to migrate to UUIDs as IDs on models
Remove unused ApplicationController#development method
Adding foreman, byebug and binding of caller, removing old pry

reinteractive / secretlink