Dr. McKay

No, use steam-session for that.

The third-party typescript definitions haven't been updated for 2.11.0. Just suppress the error.

Cannot reproduce. Are you on the latest version?

Cannot reproduce.

Duplicate of several threads here: https://dev.doctormckay.com/forum/9-node-steam-tradeoffer-manager/

That's the point. Enabling useAccessToken disable fetching an API key.

Not that I'm aware of. I've heard, but not personally confirmed, that if you use an access token you still receive CS2 offers as normal.

Yes, that seems to be correct.

No. That would defeat the purpose of the token.

Yes.

You need to call setCookies on the TradeOfferManager instance, not on the SteamCommunity instance. TradeOfferManager's setCookies also retrieves your account's API key.

You just need to call setCookies each time the webSession event is emitted. You don't need to create a new TradeOfferManager or SteamCommunity.

Use webLogOn() to get a new web session when that happens. It's a good idea to do that at least every hour or so as well.

You could use the IEconService/GetTradeOffer API method to fetch the trade offer details, which would include the user's SteamID. creator_id is the ID of the trade offer.

The sessionid cookie should indeed be universal. You can use whatever value you want.

That means it couldn't find any pending confirmations that map to an object (trade offer, market listing, or other) with that ID.

You'd need to figure out what requests the help site (help.steampowered.com) makes to change your email, and make those requests yourself using cookies obtained from steam-user or steam-session.

Probably not.

You'll be fine if you store this in your database.

That login route is outdated and doesn't work anymore. Logins are handled by steam-session these days.

If there's a request outstanding when you call logOff(), it has to wait for the request to timeout before the Node.js process can exit. There's a bunch of requests that get made internally when you first log on; you're better off waiting a second or so after loggedOn is emitted before calling logOff(). In the future I'll try to add a mechanism to cancel outstanding requests when we log off, but it's not quite as simple as it first sounds.

No, you'd have to register one using the web page at https://steamcommunity.com/dev/apikey or node-steamcommunity's createWebApiKey method. If you're calling methods that aren't account-specific (e.g. GetPlayerBans returns the same data for everyone, nothing is specific to your account) then you could register one API key and use it for everything, but I don't know if that meets your specific needs.

Not really. Some WebAPI methods allow you to use an access token (which is the same as a steamLoginSecure cookie without the SteamID prefix), but not all. GetPlayerBans is not an API method that accepts an access token, so you do need an API key for that.

Yeah, that looks fine. But ordinarily it shouldn't ever be possible for your SteamUser client to disconnect without you being aware of it, since the error event will be emitted.