add common password protection to more spots

Author: kentcdodds

app/routes/settings+/profile.password.tsx

@@ -8,6 +8,7 @@ import { Button } from '#app/components/ui/button.tsx'
 import { Icon } from '#app/components/ui/icon.tsx'
 import { StatusButton } from '#app/components/ui/status-button.tsx'
 import {
+	checkCommonPassword,
 	getPasswordHash,
 	requireUserId,
 	verifyUserPassword,
@@ -73,6 +74,14 @@ export async function action({ request }: Route.ActionArgs) {
 							message: 'Incorrect password.',
 						})
 					}
+					const isCommonPassword = await checkCommonPassword(newPassword)
+					if (isCommonPassword) {
+						ctx.addIssue({
+							path: ['newPassword'],
+							code: 'custom',
+							message: 'Password is too common',
+						})
+					}
 				}
 			},
 		),

app/routes/settings+/profile.password_.create.tsx

@@ -6,7 +6,11 @@ import { ErrorList, Field } from '#app/components/forms.tsx'
 import { Button } from '#app/components/ui/button.tsx'
 import { Icon } from '#app/components/ui/icon.tsx'
 import { StatusButton } from '#app/components/ui/status-button.tsx'
-import { getPasswordHash, requireUserId } from '#app/utils/auth.server.ts'
+import {
+	checkCommonPassword,
+	getPasswordHash,
+	requireUserId,
+} from '#app/utils/auth.server.ts'
 import { prisma } from '#app/utils/db.server.ts'
 import { useIsPending } from '#app/utils/misc.tsx'
 import { PasswordAndConfirmPasswordSchema } from '#app/utils/user-validation.ts'
@@ -42,7 +46,16 @@ export async function action({ request }: Route.ActionArgs) {
 	const formData = await request.formData()
 	const submission = await parseWithZod(formData, {
 		async: true,
-		schema: CreatePasswordForm,
+		schema: CreatePasswordForm.superRefine(async ({ password }, ctx) => {
+			const isCommonPassword = await checkCommonPassword(password)
+			if (isCommonPassword) {
+				ctx.addIssue({
+					path: ['password'],
+					code: 'custom',
+					message: 'Password is too common',
+				})
+			}
+		}),
 	})
 	if (submission.status !== 'success') {
 		return data(