public void UpdatePassword(Usuario usuario, bool expired = false)
{
try
{
var userDb = _crudUsuario.RetrieveAuth <Usuario>(usuario);
if (userDb == null)
{
throw new BusinessException(204);
}
var mngConfig = new ConfiguracionManager();
var config = mngConfig.RetrieveConfiguracion();
// Validate password length
if (usuario.Password.Length < config.CantCaracteresContrasena)
{
throw new BusinessException(206);
}
usuario.PasswordSalt = userDb.PasswordSalt;
usuario.PasswordHash = GenerateHash(usuario.Password, usuario.PasswordSalt);
usuario.PasswordLastSet = DateTime.Now;
// Validate password has not been used before.
var newPassword = new HistorialContrasena
{
Fecha = usuario.PasswordLastSet,
Email = usuario.Email,
PasswordHash = usuario.PasswordHash,
Count = config.CantContrasenasAnteriores
};
var historial = _crudContrasena.Retrieve <HistorialContrasena>(newPassword);
if (historial != null)
{
throw new BusinessException(205);
}
_crudUsuario.UpdatePassword(usuario);
// Record password has in history
_crudContrasena.Create(newPassword);
//Clean up password history
_crudContrasena.Delete(newPassword);
}
catch (Exception e)
{
ExceptionManager.GetInstance().Process(e);
}
}
