Maybe I’m misunderstanding you, but backend servers will almost always have the user-submitted password in plaintext as a variable, accessible to the backend server and any upstream proxies.
It’s even how it’s done in Lemmy. The bcrypt verify accepts the plaintext password and the salted hash.