public void UpdatePassword(Usuario usuario, bool expired = false) { try { var userDb = _crudUsuario.RetrieveAuth <Usuario>(usuario); if (userDb == null) { throw new BusinessException(204); } var mngConfig = new ConfiguracionManager(); var config = mngConfig.RetrieveConfiguracion(); // Validate password length if (usuario.Password.Length < config.CantCaracteresContrasena) { throw new BusinessException(206); } usuario.PasswordSalt = userDb.PasswordSalt; usuario.PasswordHash = GenerateHash(usuario.Password, usuario.PasswordSalt); usuario.PasswordLastSet = DateTime.Now; // Validate password has not been used before. var newPassword = new HistorialContrasena { Fecha = usuario.PasswordLastSet, Email = usuario.Email, PasswordHash = usuario.PasswordHash, Count = config.CantContrasenasAnteriores }; var historial = _crudContrasena.Retrieve <HistorialContrasena>(newPassword); if (historial != null) { throw new BusinessException(205); } _crudUsuario.UpdatePassword(usuario); // Record password has in history _crudContrasena.Create(newPassword); //Clean up password history _crudContrasena.Delete(newPassword); } catch (Exception e) { ExceptionManager.GetInstance().Process(e); } }