Hey @pullbear12, you can achieve that by using this:
Fetch the user existing password by filtering it using user_email or user_id from params.
const user = await strapi.db.query("plugin::users-permissions.user").findOne({
where: { email: params.user_email.toLowerCase() },
});
Then use the below:
const validPassword = await strapi.plugins['users-permissions'].services.user.validatePassword(params.current_password, user.password);
This will return true if the current password matches.
Hope this helps you 