All Activity

I don’t understand why, when using AppID 730 (CS2/CS:GO), I can only generate one valid AuthSessionTicket (and sometimes none at all). Instead, I get this error: However, if I use a different AppID (for example, 10), I can generate multiple AuthSessionTickets without any problems.

Hey, Is there a post about how to open a case with the GC already? I couldn't find any and I kept getting timed out. Also interested in how to open packages and capsules that do not require a key 🙂

How to debug steamclient by myself? DoctorMcKay somehow managed to find all the necessary structures and methods to implement this repository.

You need to setup an instance of the request module using request.defaults() with your proxy config, then pass that request instance to the SteamCommunity constructor, and finally pass that SteamCommunity instance to the TradeOfferManager constructor.

No, since loggedOn may be emitted multiple times in response to one logOn() call.

Hello, some methods give an error when you send a request directly to steam or sometimes the server ips is banned,. I am calling from TradeOfferManager.getUserInventoryContents In depend i look source it's calling from "node-steamcommunity". can we just give this function or proxy globally, like steamUser? Example; const client = new SteamUser( { machineIdType: SteamUser.EMachineIDType.PersistentRandom, httpProxy: `http://${ proxy }`, autoRelogin: false, picsCacheAll: true, webCompatibilityMode: true, protocol: SteamUser.EConnectionProtocol.WebSocket } ); Maybe while creating SteamCommunity or TradeOfferManager const community = new SteamCommunity( {} ); community.setCookies( cookies ); const manager = new TradeOfferManager( { steam: steamUser, community: community, domain: "127.0.0.1", language: 'en', useAccessToken: true, pollInterval: Math.floor( Math.random() * 1000 ) + 1000 } ); manager.setCookies( cookies );

Is there a way to use the logOn method in the "steam-user" module with a Promise, i.e., using await? Using the loggedOn event instead has been giving me a lot of headaches, and I still haven’t been able to implement it reliably.

Really noone knows a single thing about this one, please? Would help me alot ❤️

If you're transferring items from one account to another, avoid adding all of the items in one go. The item owner's account will be flagged with a temporary ban. I accidentally transferred thousands of trading cards from my farmer to my bot, farmer got temp ban.

Im having problems fetching inv, it worked until recently. I found that on my alt account https://steamcommunity.com/profiles/76561199527959101/inventory/json/730/2 will result in {"success":false,"Error":"Unsupported request"} However, on my main account, I would get a full list of items for CS2 that are in the inv. Has anyone else gotten this error? Managed to fix it by running "npm audit fix --force"

Have you done any tests? Accounts can be used from outside, only tradeoffers will come from my server.

No, there are no restrictions, only if these accounts are not used anywhere else except your server

Hi, does anyone know if there are any rate limits or bans on sending trade offers via https://steamcommunity.com/tradeoffer/*? In my case, trade offers are being sent from a cluster on behalf of different accounts, with correct friendly headers and native cookies, but from a SINGLE IP address. I had prefer not to use proxies, since Steam sometimes reacts unpredictably to certain ones, which could have negative consequences for the account. thanks 💪

How can I get a leaderboard from a game if it uses steamworks?

I am also finding that exclusively logging in with .WebBrowser (and not .MobileApp) and using a non-default User-Agent (just pull whatever your current browser uses) works. Account now is blocked from selling for 15 days, but at least I can play on VAC servers.

4 hours have passed since logging in, and the account has not been blocked. If something changes, I will update the information, but at the moment, it seems that Valve authenticates the login to the mobile application using the QR code. Most likely, in order to avoid a ban, you need to transfer completely identical data from the device from which the QR code is scanned and on which device the login is made, but I have no desire to check this. But most likely this happens because you can’t log in to the mobile application using a QR code, because it is simply not available there. I think this is the reason for the ban. This should definitely be indicated in the documentation.

Thanks, I decided to leave the bots in the worker_thread, this will isolate them from each other and will not pull everyone else down with it if there is any problem.

So, through a lot of banned accounts, I found out that MobileApp is absolutely not suitable for logging in via a QR code, I think steam does not give any opportunity to use MobileApp, but how it defines me is a mystery. I will use MobileApp to log in via 2FA code and browser to log in via QR. I think this is the solution to the problem. I think that others who have encountered this have come to the same decision. However, NONE of those who solved this problem shared any information. They come for help, but they always refuse to help others. That's what scammers usually do. I have now logged in to my last account using a QR code, but using EAuthTokenPlatformType.WebBrowser. The ban comes about 3 hours after logging in. I hope everything goes well this time.

if you're only using node-steamcommunity, I don't think you need much ram but for rate limit, YMMV. I used to run 50 accounts, 10 of which has a steam-tradeoffer-manager instance and the rest only steam-user and steamcommunity, running in less than 500mb. Fetches inventory every 10 minutes for all initiated accounts, Fetches boosterpack catalog every 10 minutes for all initiated accounts, Fetches badge data (1 every 30 secs) Internal stock balancing. Not using any proxy. Nodejs, pm2, ASF, nginx in a 1gb droplet.

Hi, everyone. Maybe someone has seen this error and knows what it means? https://steamerrors.com/37

Well, I'll try to log in with this data, I don't know what will come of it. { websiteId: 'Mobile', headers: { 'user-agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 17_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.0 Mobile/15E148 Safari/604.1', cookie: 'mobileClient=ios; mobileClientVersion=3.10.0' }, deviceDetails: { device_friendly_name: 'iPhone 13 mini', platform_type: 3, os_type: -600, gaming_device_type: 528 } }

npm update

I think this function is broken or i do something wrong. Anyway, it worked well for months, but stopped working a week ago

Yes, I think Valve bans accounts if the MobileApp login differs from this MobileDeviceProperties data. It may be necessary to update the code every time and set up-to-date phone data so that there are no bans. I don't know how this is possible at all, even if my IP address is the same as on all devices where I have ever logged into my account. It looks like complete idiocy. interface ConstructorOptions { // ... mobileDeviceProperties?: MobileDeviceProperties } interface MobileDeviceProperties { mobileUserAgent?: string, // default 'okhttp/3.12.12' mobileClientVersion?: string, // default '777777 3.0.0' deviceFriendlyName?: string, // default 'Galaxy S22' osType?: number, // default EOSType.AndroidUnknown gamingDeviceType?: number, // default 528 (unknown significance) }

Hi there, Created an account and replying to say I'm also experiencing this. Starting Sunday, I logged in using a QR code that I scanned with the Steam Authenticator app. I was then flagged for "compromised account". I went through their flow to reset my password and figured all was good so I logged in again with QR code. Flagged again. This time they did a big reset and I even had to remove and re-attach my Steam Authenticator. I tried one more time and my account got flagged and that's where I'm stuck right now. It's a big pain because it prevents me from joining friends. tl;dr: something does seem broken when using QR codes to log in @vindisel I found in the github why your EAuthTokenPlatformType.MobileApp shows up as [Samsung] Galaxy S22: https://github.com/DoctorMcKay/node-steam-session/blob/a4300c954c7dc0e4b15c6ff033e4484c70837a0f/src/AuthenticationClient.ts#L417 Basically anybody using .MobileApp as their type gets considered to be an S22. My original login method was also using .MobileApp. I'm currently trying to change .MobileApp to .WebBrowser to see if that does anything, because since I'm running my code on a server it's not actually a MobileApp. Maybe Valve is cracking down on "wow there's a lot of people doing bot things from S22s"? I'm also going to provide a userAgent from my current browser, in case that helps avoid this automatic flagging.