So you can have users login so long as you are not formatting the password with the sha1 correct?
This means that you are not storing the password encrypted in the db. You must have an encrypted password in your db for that user in order to use this functionality when logging in.
It is only when you store an encrypted password that you need to format the user's entered password with sha1. If you are not storing the password in sha1 format then you should not format the user's password when they are logging in.