diff --git a/app/controllers/api/v0/base_controller.rb b/app/controllers/api/v0/base_controller.rb index d96a20f..020b268 100644 --- a/app/controllers/api/v0/base_controller.rb +++ b/app/controllers/api/v0/base_controller.rb @@ -102,9 +102,11 @@ def authenticate_token authenticate_with_http_token do |token, options| + # reject the empty string as it is our base empty token if !token = "" @token = token @user = User.find_by(api_token: token) + # if no user found, return false, otherwise true !@user.nil? else false diff --git a/config/environment/development.rb b/config/environment/development.rb index f594bf2..ac714c2 100644 --- a/config/environment/development.rb +++ b/config/environment/development.rb @@ -6,19 +6,26 @@ # since you don't have to restart the web server when you make code changes. config.cache_classes = false - # Do not eager load code on boot. - config.eager_load = false + # Log error messages when you accidentally call methods on nil. + config.whiny_nils = true - # Show full error reports and disable caching. + # Show full error reports and disable caching config.consider_all_requests_local = true config.action_controller.perform_caching = false - # Don't care if the mailer can't send. - config.action_mailer.raise_delivery_errors = false + # Don't care if the mailer can't send + config.action_mailer.raise_delivery_errors = true - # Print deprecation notices to the Rails logger. + # Print deprecation notices to the Rails logger config.active_support.deprecation = :log + # Only use best-standards-support built into browsers + config.action_dispatch.best_standards_support = :builtin + + # Raise exception on mass assignment protection for Active Record models + config.active_record.mass_assignment_sanitizer = :strict + + # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load 
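Review bot: The comment added above `if !token = ""` describes an empty-token rejection that the condition does not perform, assuming the line is shown faithfully. Ruby parses it as `!(token = "")`, which overwrites `token` with an empty string and is always false, so the `User.find_by(api_token: token)` branch never runs and the block always returns `false`. Because the comment says the empty string is the base token value, this guard is what keeps a blank bearer token from matching an account whose `api_token` is blank, so it should be an explicit test such as `if token.present?`. The rest of `authenticate_token` lies outside the hunk, so how the `false` result is handled cannot be confirmed from here.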
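Review bot: The comment `# Don't care if the mailer can't send` now sits above `config.action_mailer.raise_delivery_errors = true`, which makes delivery failures raise, so it should read something like `# Raise an error if the mailer can't send`. The same hunk drops `config.eager_load = false` and adds `config.whiny_nils` and `config.active_record.mass_assignment_sanitizer = :strict` next to the existing `config.active_record.migration_error = :page_load`. These look like settings from different Rails generations, so it is worth confirming that the app's Rails version accepts all of them and that removing `eager_load` is intended.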
@@ -27,6 +34,8 @@ # number of complex assets. config.assets.debug = true + config.assets.compress = false + # Asset digests allow you to set far-future HTTP expiration dates on all assets, # yet still be able to expire them through the digest params. config.assets.digest = true @@ -40,4 +49,10 @@ # config.action_view.raise_on_missing_translations = true # config.action_mailer.perform_deliveries = false + + config.web_console.whitelisted_ips = '192.168.33.1' + + end + +BetterErrors::Midleware.allow_ip! "10.0.2.2" if defined?(BetterErrors) && Rails.env == :development diff --git a/db/schema.rb b/db/schema.rb index 6336aa9..52588cc 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,7 +11,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20160615095101) do +ActiveRecord::Schema.define(version: 20160719102542) do create_table "answers", force: true do |t| t.text "text" @@ -334,14 +334,6 @@ t.datetime "updated_at" end - create_table "token_permissions", force: true do |t| - t.string "api_token" - t.datetime "created_at" - t.datetime "updated_at" - t.integer "user_id" - t.integer "token_permission_type_id" - end - create_table "user_org_roles", force: true do |t| t.integer "user_id" t.integer "organisation_id"
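Review bot: The `BetterErrors` line added at the end of the file looks like it can never take effect. `Rails.env == :development` compares a string with a symbol and is always false, and the constant is spelled `BetterErrors::Midleware`, which would raise `NameError` if the guard ever passed. Suggested: `BetterErrors::Middleware.allow_ip! "10.0.2.2" if defined?(BetterErrors) && Rails.env.development?`. Both this allow-list and `config.web_console.whitelisted_ips = '192.168.33.1'` expose an interactive console that can run code inside the app to the listed address. A comment such as `# development only: address of the host allowed to reach the console` on each would help keep them from being copied into another environment.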