Dr. McKay

In theory yes, but steam-user is not the best way to determine if some other user owns a particular app. You'd want to use the WebAPI's GetOwnedGames method, or ideally the publisher CheckAppOwnership method.

Yes, but: You shouldn't relog your client connection if your web session expires. Just call webLogOn() Calling logOff() in the error event listener is going to cause an error; if error gets emitted you're already disconnected (same applies to the disconnected listener) steamID is never going to be null in the disconnected event listener

The profile data is cached for some time, you should try requesting again after a little while.

The first argument to the webSession event is sessionID, not cookies.

Yes.

Yes, it will come up once and then you should get logged back in. It's fine to go ahead and call getExchangeDetails in the callback of offer.accept.

steamcommunity doesn't know that the session expired until it gets back a "Not Logged In" response. In other words, it's the "Not Logged In" response itself that triggers the sessionExpired event.

Unfortunately that's not possible.

You would retrieve the other user's inventory and use addTheirItem to add their items to the offer.

Collecting credentials from users is a very bad idea, no matter how good your intentions are. I won't support that.

No, sadly that's not possible. There are some browser extensions out there that will make this work with a single item only, by appending &for_item=appid_contextid_assetid (like for_item=730_2_123456789) but that's only if the user has one of those extensions installed, and isn't using the Steam client.

Are you re-retrieving the user's inventory the second time? Maybe the fact that you're manipulating the response object is what's causing your problem.

Here is where that plugin came from: https://forums.alliedmods.net/showthread.php?p=1850358 There are only a select few commands that the server can force the client to execute, and quit is not one of them. In fact, that plugin doesn't actually support running client-side commands, it only supports "fake" client commands. Meaning, it makes the server think that the client ran a command. So it's only going to work on commands that run server-side, like "kill".

You can't do offer.addMyItems(item.amount = 1) You need to do it like this: item.amount = 1; offer.addMyItem(item);

Not really. Skins don't have "colors", they have patterns, which are ultimately textures.

The big problem is that you'd also have to reverse engineer VAC, and have fun with that.

I don't really think that's possible unfortunately, since a bot can't join a CS:GO server. I could be mistaken.

No, if you want additional criteria for whether a trade offer should be canceled, you need to implement the logic of cancelTime yourself.

Firstly, your getOffer function is incorrect. It should look something like this: getOffer = (offerID) => { return new Promise((resolve, reject) => { console.log("Getting trade offer", offerID); this.manager.getOffer(offerID, (err, offer) => { if(err) return reject(err); resolve(offer); }); }); } I'm not super familiar with express, but I would imagine that you'd do something like this: app.get('/tradeOffer', auth, async (req, res) => { let { offerID, username } = req.query; await accounts[

Your fix is correct; you must log into steam-user with your password to get a login key.

Sounds like you're looking for the cancelTime constructor option.

err.type is not a property that exists. You should check the text of the error message to see what caused the error.

I don't know what you're doing wrong, but it seems to work for me.

That's not currently possible.

It sounds like your proxy is either misconfigured, or is trying to decrypt your HTTPS traffic, which is definitely suspect.