在轨道上的ruby中未定义的方法'authenticate'？

我是Ruby on Rails应用程序的新手,我已经创建了CRUD但仍然堆叠在Login&Logout功能上.

这是我的Sessions_controller:

def new
end

def create
  user = User.find_by(email: params[:session][:email].downcase)
  if user && user.authenticate(params[:session][:passkey])
    # Log the user in and redirect to the user's show page.
  else
    # Create an error message.
  flash[:danger] = 'Invalid email/password combination' # Not quite right!
    render 'new'
  end
end

def destroy
end

这是我的看法: new.html.erb

<%= form_for(:session, url: login_path) do |f| %>

    <%= f.label :email %>
    <%= f.email_field :email, class: 'form-control' %>

    <%= f.label :passkey%>
    <%= f.password_field :passkey, class: 'form-control' %>

    <%= f.submit "Log in", class: "btn btn-primary" %>
<% end %>

这是我的模特:

class User< ActiveRecord::Base
  validates :first_name, :presence => true, :length => { :in => 3..20 }
  validates :last_name, :presence => true, :length => { :in => 3..20 }
  validates :email, :presence => true, :uniqueness => true, format: { with: /\A[^@\s]+@([^@.\s]+\.)+[^@.\s]+\z/ }
  validates :passkey, :confirmation => true, :length => {:in => 6..20}
end

当我单击"登录"按钮,然后显示此错误:

SessionsController#中的NoMethodError创建未定义的方法`authenticate'for #User:0x0000000d5c65e0>

我该如何解决这个错误？

我正在使用ruby 1.9.7 Rails 4.2.5&mysql2

那对我很有帮助,拜托.