Dr. McKay

"Encrypted message authentication failed" should honestly never happen. If it does, either something is very broken in your setup, or else someone (e.g. your proxy) is modifying your network traffic in transit. Could you please provide the versions of everything involved? steam-user, @doctormckay/steam-crypto, node.js, operating system, etc. I'll try to make recovery from that error a little more gracious, but in the meantime you might be able to work around it by forcing the protocol to WebSocket: let user = new SteamUser({ protocol: SteamUser.EConnectionProtocol.WebSocket });

I could be wrong, but as far as I remember there's no concrete way to know that an offer is a counter offer. You could possibly check the offer created time and see if it closely matches the updated time of a previous offer sent to that user which has status Countered.

Fixed in 4.24.5. I'm going to need you to be more specific on the shortcomings you're describing.

I can see it right there.

Are you calling gamesPlayed? You can only have a single playing session or else you'll get kicked with that error.

I actually wasn't aware of this until now. Market.PopularByCurrency(1) looks an awful lot like a unified message name, and it's probably using some of the same tech under the hood. But I doubt it'll just work with any call without having been set up by Valve beforehand. I'm not aware of any other feeds.

Pretty much anything is possible when Steam is involved. You should be prepared to handle an eventuality where an offer send fails but it ends up going through and being accepted. You can use the unknownOfferSent event to detect when an offer goes through that isn't expected to (i.e. you called offer.send and it succeeded).

No, that's not possible.

You need to call setCookies on the TradeOfferManager instance. Passing a SteamCommunity to the TradeOfferManager constructor makes TradeOfferManager call setCookies on the SteamCommunity instance when you call setCookies on the manager instance, but not the other way around.

Sorry, I don't have time to help with stuff like this.

You're logging in to an anonymous user account (that's what the a means in [a:1:x]), which implies that your accountName is undefined.

https://github.com/DoctorMcKay/node-steam-user/blob/master/components/cdn.js#L268

https://github.com/DoctorMcKay/node-globaloffensive/blob/master/index.js#L277-L290 This code will probably work.

You could just keep the offer object in memory somewhere and call getExchangeDetails on it again later. Or look it up by trade offer ID. TradeOfferManager doesn't have any way to request the trade status API without having a TradeOffer object first.

I bet that for some reason, immediately after the trade finishes it's not returning the items but after some time they show up. I'd recommend that you set up retries for getExchangeDetails if it comes back empty.

Check the same trade ID using the other bot's API key and see if it properly reports assets_received.

Looks like it's returning assets_given, but not assets_received, so that would be why receivedItems is empty in TradeOfferManager. That's the data that Steam is reporting.

Plug the trade_id (not the trade offer ID) from the offer in question into the GetTradeStatus API and see if it returns any info. If not, then it's a problem on Steam's end and there's nothing we can do about it, sadly.

That code looks like it should work. It's possible that Steam has changed something relating to how avatars are uploaded. I'll look into this when I get a chance, but it probably won't be soon.

No, and you really shouldn't be asking users for their account credentials. API keys are credentials.

No, you can only use a 2FA code once. If you've already used a code, then you'll need to wait for the next code to be generated. You shouldn't be logging into SteamCommunity with an account name and password if you're already using SteamUser. In the webSession event, just call community.setCookies(cookies); That's all you need.

Either your secret is wrong, your clock is wrong, or you attempted to reuse a 2FA code.

If you get an error event indicating you disconnected due to LoggedInElsewhere, just log back in. It won't cause any problems unless you try to launch a game again before you get a playingState notification indicating that you aren't blocked.

You should probably move your gamesPlayed call to the playingState event, and only call it if blocked is false.

Not really. Logging into an account tends to invalidate the session cookies of other logins.