Jump to content
McKay Development


  • Posts

  • Joined

  • Last visited

Reputation Activity

  1. Like
    Revadike got a reaction from Dr. McKay in [Suggestion] Steam Awards   
    Created PR: https://github.com/DoctorMcKay/node-steamcommunity/pull/276
  2. Like
    Revadike got a reaction from PonyExpress in Get Steam profile comments   
    Nah, you don't have to scrape comment page to get comments. You can do it by using blotter html api for comments, like this: https://github.com/DoctorMcKay/node-steamcommunity/issues/208
  3. Like
    Revadike reacted to furi in BREAKING CHANGES: steam-user v4 now available on npm   
    In my code i use only logOn method and event listeners such as loggedOn and webSession. Is it normal?

  4. Like
    Revadike got a reaction from SnaBe in Where to start from for making a simple chat response bot   
    This is also a great guide: https://github.com/andrewda/node-steam-guide
  5. Like
    Revadike reacted to Skyper in AntySPam   
    Hi, someone have idea on antyspam? I just won't get spam like 20 messages from the same user in 3 sec ( or more).
    Have a nice day  
  6. Like
    Revadike reacted to GitHub in node-steam-user v3.28.1   
    Fixed errors if you pass appID and depotID as strings instead of ints to getDepotDecryptionKey Fixed crash if a cached local file is corrupt when trying to retrieve depot decryption keys  
    View on GitHub
  7. Like
    Revadike reacted to Dr. McKay in Will the new steam chat / group chats be supported in steam-user?   
    As an update, I've gotten very basic support working in the v4 branch. Hopefully I'll be able to finish up v4 soon, at which point new chat support can be fleshed out further.
  8. Like
    Revadike reacted to Dr. McKay in Auto-Download games functionality, posible?   
    Without knowing exactly what depot you're trying to download, all I can tell you is to check each file entry in the manifest to see if flags & EDepotFileFlag.Directory.
  9. Like
    Revadike reacted to Dr. McKay in App token & depot key dumper   
    One of the files in your local cache appears to be corrupted. I'll push a fix to handle this case.
  10. Like
    Revadike got a reaction from makcc666 in Get packageid's that contain a certain appid?   
    Well, one way I found, is to add all steam apps to some account's wishlist and scrape that page. 
    g_rgAppInfo contains subs property per appid. Unfortunately, it only limits to subs available in the steam store.
    So, this is no ideal and also not really what I was looking for. But it's nice to share this info.
  11. Like
    Revadike got a reaction from QuestionRealQuick1 in Getting current game?   
    You can do it with steam-user:
    const steamid = 123456; client.getPersonas([steamid], personas => { console.log(personas[steamid].game_name); // Non-steam game name });
  12. Like
    Revadike got a reaction from QuestionRealQuick1 in Checking if a steam64 id is your friend?   
    Assuming you are logged in (user = steam-user instance, steamid = steamid64):
    function isSteamFriends(steamid) { return Object.entries(user.myFriends).filter(e => e[1] === SteamUser.Steam.EFriendRelationship.Friend).map(e => e[0]).includes(steamid); }
  13. Like
    Revadike reacted to speicher in not confirm trade after running a while   
    ok, that should work based on your wiki.

    community.on('sessionExpired', function(err) { if (err) { console.log('sessionExpired: '+err); } community.stopConfirmationChecker(); if (client.steamID) { client.webLogOn(); } else { client.logOn(logon_details); } });
  14. Like
    Revadike reacted to Dr. McKay in Cookies   
    Every website out there (that doesn't use HTTP authentication) uses cookies to identify user sessions. Cookies usually contain session IDs, which are looked up on the server in order to determine who the session belongs to. Steam is no different.
    All Steam websites (the store, community, the help site) use the same cookies to identify user sessions. There are four cookies which are required to identify a Steam session:
    sessionid steamLogin steamLoginSecure* steamMachineAuth* * = this cookie should only be sent over HTTPS
    Despite its name, the sessionid cookie is merely a CSRF token. Its value can be anything, as long as it matches the sessionid POST parameter in your POST requests. Steam will randomly assign you one the first time you hit one of the websites without already having one, even if you aren't logged in. They are not tied to accounts or to sessions.
    steamLogin and steamLoginSecure are the actual session cookies. Their format is: (your 64-bit SteamID + two pipe characters, percent encoded as %7C + a 40-character uppercase hexadecimal token). The hexadecimal token will differ between the two cookies, but the SteamID will be the same. steamLoginSecure should be sent with all HTTPS requests, and only for HTTPS requests. These cookies are short-lived and once invalidated (the exact circumstances that cause them to be invalidated are unclear), you will be logged out.
    steamMachineAuth is your Steam Guard identification cookie. You should replace with your actual 64-bit SteamID, so for example the name of my cookie would be steamMachineAuth76561198006409530. This cookie's value is simply a 40-character uppercase hexadecimal token. The cookie identifies a "machine" for Steam Guard, so that you don't have to provide an email code every time. This cookie is still present if you're using the mobile authenticator, even though you have to provide a code for every login. This cookie's issue date is also used as the "first sign in" date for purposes of determining trade restrictions. This cookie effectively lasts forever, so you should save it and reuse it between sessions. This cookie is required for trade offers to work.
    Note: Since Steam switched to HTTPS-only, steamLogin appears to no longer be necessary and is therefore no longer issued to web logins. It does seem to still be issued to Steam client-based logins.
    How to Get Cookies
    You can get Steam login cookies in one of three ways.
    You can log in to any Steam site in a browser, which will issue you cookies for that domain (and also do some JavaScript to set those cookies for other Steam domains). node-steamcommunity can do this for you. You can use the undocumented IMobileAuthService/GetWGToken WebAPI method with an oAuth token. node-steamcommunity can do this for you. You can use the ISteamUserAuth/AuthenticateUser WebAPI method with a nonce (loginkey) received from the CM. Sessions negotiated this way will have no steamMachineAuth cookie, and that cookie is unneeded for these sessions (trade offers will still work). Sessions negotiated this way will be invalidated as soon as the client session which received the CM nonce disconnects. node-steam-user can do this for you. Once you have cookies, you can use them with any of a number of modules, e.g. node-steam-trade, node-steamcommunity, node-steamstore, etc.

    Cookie Expiration
    Cookies expire and become invalid at seemingly-random times. There seems to be no real rhyme or reason as to when it happens, but it generally does happen whenever an account is logged in somewhere else, and on some unspecific time interval.
    If you log in to Steam using node-steam-user, you will be issued cookies, but they are only linked to the CM session in that they will expire if the session disconnects. They also follow normal expiration rules, meaning that even if your Steam client session is still connected, your cookies might have expired and thus your web requests will indicate that you aren't logged in. If this happens, you'll need to use webLogOn() to get new cookies.

    Cookie Usage
    I'll briefly explain how cookies and sessions work in my libraries. A quick overview on statefulness: HTTP is stateless. Each request is distinct from every other request, and thus there is no way to link two requests together (except by using cookies). For this reason, to keep track of which user is logged in, every site on the planet uses cookies. Typically, cookies contain an opaque session ID which the server looks up to see which account you're using. Steam is no exception. TCP is stateful. Each message sent over a TCP connection belongs to that connection and thus it's easy to link two messages together.
    node-steam-user connects to the CM using TCP (or optionally UDP, but it acts like TCP anyway). This is a stateful connection, and there is no need to use cookies to identify it.  Therefore, node-steam-user has no need for cookies. While it is capable of producing cookies, it does not save them and doesn't use them in any way except to make them available to the end-user for use elsewhere. node-steamcommunity communicates with Steam over HTTP, which is stateless. Thus, cookies are required in order to authenticate your requests to your account. node-steamcommunity can either accept cookies using the setCookies method (which can accept cookies obtained by any means, including node-steam-user), or it can produce cookies using the login method. Either method will save the cookies internally in the SteamCommunity object and those cookies will be used to authenticate every HTTP request. node-steamstore is identical to node-steamcommunity, although it cannot create cookies (i.e. it can only accept them using setCookies). node-steam-tradeoffer-manager is identical to node-steamstore, except it uses node-steamcommunity under the hood for its HTTP communication. Thus, if you instantiate TradeOfferManager and pass a community instance to the constructor, calling setCookies on the TradeOfferManager will also call setCookies on the SteamCommunity, and therefore you need not call setCookies on SteamCommunity (although it doesn't hurt anything, either). In list form, where a producer can create cookies and a consumer can use cookies:
    steam-user: producer steamcommunity: producer, consumer steamstore: consumer steam-tradeoffer-manager: consumer steam: producer steam-trade: consumer
  15. Like
    Revadike reacted to TarasDev in marketSearch in steamcommunity   
    Recently i find out that you can use norender=1 argument to disable html render, example: https://steamcommunity.com/market/search/render/?norender=1
    It seems much easy to parse json output =)
  16. Like
    Revadike reacted to Dr. McKay in GetOwnedApps & Steam Family Sharing   
    You really, really shouldn't be getting family shared games. I'll have to look into this when I get a chance.
  17. Like
    Revadike reacted to GitHub in node-steam-user v3.21.0   
    Added force option to gamesPlayed Added playingState event Added kickPlayingSession method Fixed getOwnedApps, getOwnedDepots, ownsApp, and ownsDepot not taking into account package expiration times (e.g. free weekends)  
    View on GitHub
  18. Like
    Revadike reacted to Dr. McKay in GetOwnedApps & Steam Family Sharing   
    Please give 3.21.0 a shot.
  19. Like
    Revadike reacted to Dr. McKay in GetOwnedApps & Steam Family Sharing   
    Thanks. Looks like there's an expiry time in those packages which is being ignored. Let me take a look at the code.
  20. Like
    Revadike reacted to SunriseM in Function on getchatHistory   
    Did you try writing  the client.on('chatHistory',..) part before client.getChatHistory?
  21. Like
    Revadike reacted to Dr. McKay in Steam Rate Limits   
    Some people are working on maintaining a list of rate-limits here: https://www.reddit.com/r/SteamBot/wiki/rate-limits
  • Create New...