Untitled

   def self.authenticate(email, password)
     user = find_by_email(email)
     if user
       if user.encrypted_password == Digest::SHA1.hexdigest(password) # This is for backwards-compatibility because I changed the encryption method.
         user.encrypt_password                                        # It can be removed once all user records have encrypted_password = NULL
         user.update_attribute('encrypted_password', nil)
         user
       elsif user.password_hash == BCrypt::Engine.hash_secret(password, user.password_salt)
         user
       end
     else
       nil
     end
   end