Node.js Passport Authentification through Apache-Redirect Proxy -

i'm building node.js application integrated passport-account system. since i'm hosted on uberspace.de, need configure .htaccess in main web-root so:

rewriteengine on rewriterule ^(.*) http://localhost:34457/$1 [p] 

my express-route login is: (accessible @ /api/auth/login)

router.post('/login', passport.authenticate('login', {      successredirect: '/account',     failureredirect: '/login?error=true' })); 

as how understand passport, if successful login performed, should redirected /account , if not, /login?error=true.

but if perform post using

url --data "email=foo@bar.com&password=test" http://[domain]/api/auth/login 

the result is:

<!doctype html public "-//ietf//dtd html 2.0//en"> <html><head> <title>502 proxy error</title> </head><body> <h1>proxy error</h1> <p>the proxy server received invalid response upstream server.<br /> proxy server not handle request <em><a href="/api/auth/login">post&nbsp;/api/auth/login</a></em>.<p> reason: <strong>error reading remote server</strong></p></p> <hr> <address>apache/2.2.15 (centos) server @ [domain] port 80</address> </body></html> 

and if execute same query html-form (method: post, action: /api/auth/login) in chrome, redirected /api/auth/login%5e (which obivously returns 404).

simple redirects 1 work:

router.post('/redirecttohome', function(req, res, next) {     res.redirect(302, '/');  }); 

but if perform function when calling /api/auth/login

router.post('/login', function(req, res, next) {     passport.authenticate('login', function(err, user, info) {         if (err) return next(err);           if (!user) {             console.log(info);             return res.json(401, {success: false});         } else {             console.log(info);             return res.json(200, {success: true});         }     })(req, res, next);  }); 

i still redirected /api/auth/login%5e.

my authentification-strategy login implemented as:

var localstrategy   = require('passport-local').strategy; var user = require('../models/user'); var bcrypt = require('bcrypt-nodejs');  module.exports = function(passport){      passport.use('login', new localstrategy({             usernamefield: 'email',             passreqtocallback : true         }, function(req, email, password, done) {              // check in mongo if user username exists or not             user.findone({ 'email' :  email },                  function(err, user) {                     // in case of error, return using done method                     if (err)                         return done(err);                     // username not exist, log error , redirect                     if (!user){                         console.log('user not found email '+email);                         return done(null, false, req.flash('message', 'user not found.'));                                      }                     // user exists wrong password, log error                      if (!isvalidpassword(user, password)){                         console.log('invalid password');                         return done(null, false, req.flash('message', 'invalid password')); // redirect login page                     }                     // user , password both match, return user done method                      // treated success                     return done(null, user);                 });             }));     var isvalidpassword = function(user, password){         return bcrypt.comparesync(password, user.password);     } } 

even if login-router written follows:

router.post('/login', function(req, res, next) {     passport.authenticate('login', function(err, user, info) {         if (err) return next(err);           if (!user) {             console.log(info);             return res.json(401, {success: false});         } else {             console.log(info);             return res.json(200, {success: true});         }     })(req, res, next);  }); 

i still redirected /api/auth/login%5e.

my passport login-strategy implemented so:

var localstrategy   = require('passport-local').strategy; var user = require('../models/user'); var bcrypt = require('bcrypt-nodejs');  module.exports = function(passport){      passport.use('login', new localstrategy({             usernamefield: 'email',             passreqtocallback : true         }, function(req, email, password, done) {              // check in mongo if user username exists or not             user.findone({ 'email' :  email },                  function(err, user) {                     // in case of error, return using done method                     if (err)                         return done(err);                     // username not exist, log error , redirect                     if (!user){                         console.log('user not found email '+email);                         return done(null, false, req.flash('message', 'user not found.'));                                      }                     // user exists wrong password, log error                      if (!isvalidpassword(user, password)){                         console.log('invalid password');                         return done(null, false, req.flash('message', 'invalid password')); // redirect login page                     }                     // user , password both match, return user done method                     // treated success                     return done(null, user);                 });             }));     var isvalidpassword = function(user, password){         return bcrypt.comparesync(password, user.password);     } } 

what problem?

actually, problem invisible character, redirected me other page, made bunch of other things go wrong.