@Maybar
I think you need to use the following solution.
I think at the moment in your case I see two options. Either enter the password when opening and showing the file, or it is possible to pass the password as a parameter when opening the file (not sure). In both cases, the user will be able to find out and see the password.
So, it seems to me that you should use the pdf library on the server (some kind of library, I can’t recommend any specific library), which creates a temporary file on the server, "removes the password" from the file, and send this file to the client for viewing.