making sure this is up to date

app/controllers/application_controller.rb

@@ -9,7 +9,10 @@ class ApplicationController < ActionController::Base
   private
 
   def current_user
-    @current_user ||= (User.find_by_auth_token(cookies[:auth_token].to_s) || User.find_by_user_id(session[:user_id].to_s))
+    @current_user ||= (
+      User.find_by_auth_token(cookies[:auth_token].to_s) || 
+      User.find_by_user_id(session[:user_id].to_s)
+    )
   end
 
   def authenticated

app/controllers/sessions_controller.rb

@@ -8,7 +8,6 @@ class SessionsController < ApplicationController
       redirect_to home_dashboard_index_path if current_user
   end
   
-
   def create
       path = params[:url].present? ? params[:url] : home_dashboard_index_path    
       begin
@@ -23,7 +22,6 @@ class SessionsController < ApplicationController
           cookies.permanent[:auth_token] = user.auth_token if User.where(:user_id => user.user_id).exists?
         else
           session[:user_id] = user.user_id if User.where(:user_id => user.user_id).exists?
-        #cookies[:auth_token] = user.auth_token if User.where(:user_id => user.user_id).exists?
         end
         redirect_to path
       else

app/models/key_management.rb

@@ -1,5 +1,6 @@
 class KeyManagement < ActiveRecord::Base
   attr_accessible :iv, :user_id
   belongs_to :work_info
+  belongs_to :user
   
 end

app/models/user.rb

@@ -64,8 +64,6 @@ private
    end
 =end  
 
-
-    
   def assign_user_id
      unless @skip_user_id_assign.present? || self.user_id.present?
       user = User.order("user_id").last
@@ -82,9 +80,42 @@ private
     end
   end
   
+  # Added a re-usable encryption routine, shouldn't be an issue!
+  def encrypt_sensitive_value(val="")
+     aes = OpenSSL::Cipher::Cipher.new(cipher_type)
+     aes.encrypt
+     aes.key = key
+     aes.iv = iv if iv != nil
+     #self.encrypted_ssn = aes.update(self.SSN) + aes.final
+     #self.SSN = nil
+  end
+  
+  def decrypt_ssn
+     aes = OpenSSL::Cipher::Cipher.new(cipher_type)
+     aes.decrypt
+     aes.key = key
+     aes.iv = iv if iv != nil
+     #aes.update(self.encrypted_ssn) + aes.final
+  end
+  
+  # Should be able to just re-use the same key we already have!
+  def key
+    raise "Key Missing" if !(KEY)
+    KEY
+  end
+  
+  def iv
+    raise "No IV for this User" if !(self.key_management.iv)
+    #self.key_management.iv
+  end
+  
+  def cipher_type
+    'aes-256-cbc'
+  end
+  
   def generate_token(column)
     begin
-      self[column] = SecureRandom.urlsafe_base64
+      #self[column] = 
     end while User.exists?(column => self[column])
   end