Do your strength checks in javascript client-side, then hash, then send. Server side can do further checks if it wants on the hashed password (hey, this password was already used, etc).
Password strength checking is (properly understood, in my view) providing help to the user, not enforcing some silly and annoying "password validation" rules.