How do I update password with confirming old password?

Your question is a bit vague. If you are asking about ways for user to reset their password with auth, I believe the only option is reset link. I've not spent much time messing with auth though.

Thanks for your reply. I apologize for not clearing my query/question. Now let me clear what I am looking for. This is the profile settings page where logged in user can update their password. I can simply update password via

js
await supabase.auth.update({password: 'new password'})

But I am looking for a solution for verifying current password before updating user password.

Yeah, that was my guess on what you wanted. If there is a way, I'm not familiar with it as I don't think there are any other auth commands that deal with password besides signin/up. I guess it might be possible to write a function to access the encrypted password in the table and compare it, but I do not know if the salt/key is available to do that. Maybe someone else will jump in. Supabase uses gotrue so you might google that.

Are you building with nextjs?

You would have to use a bcrypt library and use the default hash cost, here is the code form gotrue that supabase uses for its hashing https://github.com/supabase/gotrue/blob/master/models/user.go#L244-L250 Whatever you do, don't run this in the client, do this in a server side call.

I would recommend creating an api route that takes in a current password and new password, logs in to an account, and then changes the password if the user is authenticated using the update query

I also try this technique before. But sadly when I put wrong password to login method I have been logged out.

I'm not sure why you are pinging here