Dr. McKay

That all looks fine to me. sessionExpired is only emitted when a request you make fails because you aren't logged in. It doesn't check automatically, it only checks whenever the library makes a request somewhere. Starting a new confirmation checker without stopping the old one is just fine. It'll stop an old one if you call it while one is running. I recommend updating to v3.23.1 if you're going to use webchat.

You can't check if someone else has Steam Guard. If you're afraid of trade holds, you can use getUserDetails to see if the offer would go into escrow. If you don't have a friends list handy to check, you can get it from the WebAPI.

You're probably better off asking on Stack Overflow.

I guess all I can say is make sure you aren't spamming Steam anywhere.

You probably attached a function to the poll data somewhere else in your code. That taints the entire object and makes it unserializable. Look around for somewhere where you're attaching a function to pollData.

Then I don't know what to tell you. Try another IP.

Can you retry?

You're sure you're using the same IP as your bot is using?

You can't use an account name, you have to use a SteamID.

I have never seen an account ban result in a 429. If you can make a request from that IP from a real browser, what do you get?

Can I see the rest of your code?

k isn't your 5-character code, it's a base64 code that's generated using a different algorithm: https://github.com/DoctorMcKay/php-steam-totp/blob/master/SteamTotp.php#L29-L45

Are you saving poll data across application sessions?

Save the "steamguard" argument in the login callback, and supply it to future logins as a "steamguard" property in the object.

You need to pass in an array (it can have only one item in it).

You should not hijack someone else's thread.

You can get those details with getProductInfo: https://github.com/DoctorMcKay/node-steam-user#getproductinfoapps-packages-callback

Please don't post your API keys. You need to wait until the callback of setCookies to try to call getOffer. And again, your input to getOffer is incorrect.

The IEconItems WebAPI is about your only option.

There are some general examples in the GitHub repo: https://github.com/DoctorMcKay/node-steam-tradeoffer-manager/tree/master/examples

Please read the documentation. You need to call setCookies and wait for the callback before you try to do anything else, and that is invalid input for getOffer.

401 usually means you aren't logged in.

Your err and offer parameters are switched.

No.

You can't perform authenticated requests before you're logged in. You aren't logged in until the loggedOn event is emitted. What your code is doing is starting the login process, then immediately before it completes you're trying to send an offer. Obviously, that's not gonna work.