How to validate the gitlab user mail ID and password with admin token?

We created to tool for update the comment in commit page. For that, I create a personal access token by using user given mail ID (using in gitlab). Now I use that personal access token I update the comment. Now I need to confirm the user`s mail ID and password (any other way). Because at now anyone can use another person mail ID and access do this operation.

How can I confirm the user who is an owner of the given mail ID? I don`t want to go for table operation. I want to check with gitlab data.