Dr. McKay

The latest version of globaloffensive is working fine for me. Do your accounts own a CS2 license?

You would be expected to see the same access token/steamLoginSecure value if you attempt to refresh within 10 minutes of your last refresh, as steam-session caches it for 10 minutes. After that, you shouldn't see the same response to webLogOn() unless Steam truly returned the same access token again for some reason.

It's not really a memory leak, it's by design. picsCacheAll is especially going to consume lots of memory since it caches all app data it ever comes across. You really shouldn't use picsCacheAll in any app that lives longer than a few hours, and you should avoid using picsCache in general unless you really need it. For what purpose do you need the pics cache?

For your own account that you're logged into, the steam-user accountLimitations and vacBans events are your best bet. For trade bans, I believe you'd need to use the GetPlayerBans WebAPI method.

Are you trying to get this data for your own account, or for other users?

No, you'd need to use that API yourself. IEconItems_440 is a TF2-specific API and steam-tradeoffer-manager is general for all Steam assets.

Sounds like it.

Read the docs please. You should not call logOn() inside of the disconnected event as steam-user will handle reconnecting automatically. Checking the steamID property is how you can tell whether you're currently logged in or not.

I believe you wouldn't receive that message if there are no other playing sessions.

Yes, getExchangeDetails makes a Steam API call (specifically, GetTradeStatus). Generally speaking, anything that has a callback makes a network request. No, there's no built-in mechanism for handling rate limiting. You'll need to do it yourself.

Yes, this is the only way to obtain web cookies if you have a refresh token for EAuthTokenPlatformType.SteamClient. Other platform types can get cookies via steam-session.

You can still use a proxy the same way you did before with steamcommunity, but you're correct that the login() method no longer works if you do. You need to use steam-session with your proxy and call setCookies on steamcommunity, passing your proxy to both.

407 means your proxy is rejecting your connection. You're either using the wrong credentials or you have things configured wrong.

Trades containing CS2 items are not returned by the WebAPI when using an API key. You need to use an access token instead. You can get one using steam-session, and you provide it like this: https://api.steampowered.com/IEconService/GetTradeStatus/v1/?tradeid=123456&access_token=eyAid...

Version?

Have you acknowledged the modal about trade protection? You need to do that or call acknowledgeTradeProtection in node-steamcommunity once per account to be able to trade.

It's based on whether Steam reports if you have a wallet or not. I believe it becomes true the first time you fund your wallet (and thus set a currency for it).

Just add 2FA the same way you would if you had a phone number. The code gets sent to your email instead of your phone.

https://github.com/DoctorMcKay/node-steamcommunity/wiki/CSteamUser#commentmessage-callback

A trade that's reversed during Trade Protection will go to status 12 in GetTradeHistory and GetTradeStatus.

Or you could just use GetTradeStatus which takes a tradeid as input?

I don't know; you'll have to look for yourself.

You need to update node-steamcommunity and call acknowledgeTradeProtection() on each account.

Moved to correct forum - this was in an update to node-steam-session, not node-steam-user. As far as I've seen, this parameter is present for any GET request issued by the mobile app to the WebAPI. Confirmations don't go through the API so it's not present for those requests. In practice, the only request that origin=SteamMobile is added to in steam-session is the initial GetPasswordRSAPublicKey request as that's the only GET request issued when using EAuthTokenPlatformType.MobileApp.

Works for me.