Dr. McKay

This is being discussed in issue #122.

Correct. steam-tradeoffer-manager will handle all that polling for you.

tradeOffers is emitted whenever the number of active received trade offers you have changes. This means that it will be emitted when you receive a new offer, or when an offer you previously received is accepted/canceled/declined. If you need more info about trade offers or you need to act on them, look at steam-tradeoffer-manager.

Happy to help!

1) I'd keep your login checker code in there. The manager will only notice that your session is gone when you try to send/accept an offer. Normal polling and canceling offers uses the WebAPI and your API key, so the session isn't actually used there. 2) That's more than fine. 5 requests per minute is super low. 3) You're correct, your first snippet generated the code once on boot. It ceased to be valid once you used it.

That all looks fine to me. sessionExpired is only emitted when a request you make fails because you aren't logged in. It doesn't check automatically, it only checks whenever the library makes a request somewhere. Starting a new confirmation checker without stopping the old one is just fine. It'll stop an old one if you call it while one is running. I recommend updating to v3.23.1 if you're going to use webchat.

You can't check if someone else has Steam Guard. If you're afraid of trade holds, you can use getUserDetails to see if the offer would go into escrow. If you don't have a friends list handy to check, you can get it from the WebAPI.

You're probably better off asking on Stack Overflow.

I guess all I can say is make sure you aren't spamming Steam anywhere.

You probably attached a function to the poll data somewhere else in your code. That taints the entire object and makes it unserializable. Look around for somewhere where you're attaching a function to pollData.

Then I don't know what to tell you. Try another IP.

Can you retry?

You're sure you're using the same IP as your bot is using?

You can't use an account name, you have to use a SteamID.

I have never seen an account ban result in a 429. If you can make a request from that IP from a real browser, what do you get?

Can I see the rest of your code?

k isn't your 5-character code, it's a base64 code that's generated using a different algorithm: https://github.com/DoctorMcKay/php-steam-totp/blob/master/SteamTotp.php#L29-L45

Are you saving poll data across application sessions?

Save the "steamguard" argument in the login callback, and supply it to future logins as a "steamguard" property in the object.

You need to pass in an array (it can have only one item in it).

You should not hijack someone else's thread.

You can get those details with getProductInfo: https://github.com/DoctorMcKay/node-steam-user#getproductinfoapps-packages-callback

Please don't post your API keys. You need to wait until the callback of setCookies to try to call getOffer. And again, your input to getOffer is incorrect.

The IEconItems WebAPI is about your only option.

There are some general examples in the GitHub repo: https://github.com/DoctorMcKay/node-steam-tradeoffer-manager/tree/master/examples