@Override
  public boolean save(User user) {
    user.setEnabled(1);
    if (user.getPassword().contains("???")) {
      user.setPassword(user.getPassword().substring(3));
    } else {
      user.setPassword(JCrypt.encrypt(user.getPassword()));
    }

    user = dao.saveOrUpdate(user);
    return true;
  }
  @Override
  public boolean login(String username, String password) {
    log.info(username + " - " + password);

    User user = dao.findByUsername(username.toLowerCase());
    if (user != null) {
      if (user.getPassword() == null) {
        return true;
      }
      return JCrypt.check(password, user.getPassword());
    }
    return false;
  }