AngularJS is meant to work as a client-side framework coupled with (mostly) RESTfull APIs. Your login API isn't supposed to return a HTML, it is supposed to return the instruction to redirect. So in your case you should simply call $location.url('/') in your $http success callback, which would use the Angular router to "redirect" to '/' (the root URL).
How does one detect the 'instruction to redirect' in Angular? In the op's example using Express, does Angular expose some way of detecting res.redirect('/') coming from the server?
It's up to the developer, but in most cases you want to return status code 200 (success) or 201 (created), in which case you simply put the $location.url('/') call in $http success callback.
how can i mimic the traditional <form action='/auth/signin' method='POST'> way of posting data where res.redirect works?