Add changePassword hook for meteor legacy

[eric-burel]

Is your feature request related to a problem? Please describe.

Describe the solution you'd like Ad hook here + relevant mutation in Vulcan Describe alternatives you've considered We already have setPassword, but setPassword do not recheck user's password.

[GraemeFulton]

I solved this for myself from by adding a mutation in meteor.

Using Accounts._checkPassword, you can check the user's current password:

addGraphQLMutation('changePasswordNext(userId: String, oldPassword:String, newPassword:String) : JSON');

const resolver = {
    Mutation: {
        async changePasswordNext(root,args,context){
          if(args.userId == context.currentUser._id){
          //check password field
            const check = Accounts._checkPassword(Meteor.users.findOne({_id: context.currentUser._id}), args.oldPassword)
            if(check.error){
              return 'INCORRECT_PASSWORD'
            }else{
              //no error, change password
              if(check.userId= context.currentUser._id){
              //change password from here
               const reset =  Accounts.setPassword(check.userId, args.newPassword)
                return 'SUCCESS'
              }
            }
          }
        }, 

In next, I use it like this:

import { useMutation } from '@apollo/client'

const CHANGE_PASSWORD_MUTATION = gql`
mutation changePasswordMutation($userId:String!, $oldPassword:String!, $newPassword:String!){
  changePasswordNext(userId:$userId, oldPassword:$oldPassword, newPassword:$newPassword)
}
`;

  const [changePassword] = useMutation(CHANGE_PASSWORD_MUTATION)

const changePass = await changePassword({
              variables:{
                userId:props.user._id,
                oldPassword:oldPassword,
                newPassword:newPassword
              }
            })

And my form looks like this, so I fill out oldPassword and newPassword - if oldPassword is wrong, the password is not set.