Jump to content
McKay Development

Session expired


Recommended Posts


I have problems with seesions since last updates.

Providing some important parts of my code:

Creatin session using steam-session v1.6.0:

async function getSession() {
    return new Promise(async (resolve, reject) => {
        let session = new LoginSession(EAuthTokenPlatformType.SteamClient);
        session.on('authenticated', async () => {
            try {
                console.log(`Getting session as ${session.accountName}`);
                let webCookies = await session.getWebCookies()
                if (webCookies) {
                    steamLoginData = {
                        accessToken: session.accessToken,
                        refreshToken: session.refreshToken,
                        webCookies: webCookies
            } catch (ex) {
        session.on('timeout', () => {
            console.log('This login attempt has timed out.');
        session.on('error', (err) => {
            console.log(`ERROR: This login attempt has failed! ${err.message}`);
        try {
            await session.startWithCredentials({
                accountName: config.username,
                password: config.password,
                steamGuardCode: SteamTotp.getAuthCode(config.ss)
        } catch (ex) {
            return reject(ex);

Creating instanses:

let client = new SteamUser();
let community = new SteamCommunity(); // latest version
let manager = new TradeOfferManager({  // latest version
    'steam': client,
    'community': community,
    "domain": "example.com"
    "language": "en"
    "pollInterval": 10000

Then logging in using steam-user v5.0.1:

    client.logOn({ "refreshToken": steamLoginData.refreshToken })

Handling events:

client.on('loggedOn', function () {
    console.log("Logged into Steam as " + client.steamID.getSteamID64());
client.on('webSession', function (sessionID, cookies) {
    manager.setCookies(cookies, function (err) {
        if (err) {
community.on('sessionExpired', async function (err) {
    if (err) {
        console.log('Session Expired: ' + err);
    if (client.steamID) {
        console.log('called weblogon: ' + client.steamID);
    } else {
        await clientlogin()
        console.log('called logon');
async function clientlogin() {
    await getSession();
    client.logOn({ "refreshToken": steamLoginData.refreshToken })
    await timeout(5000)

Logs after some time:

[04:56:56] Trade offer #6477610753 from *** confirmed
[10:27:18] Session Expired: Error: HTTP error 403
[10:27:18] called weblogon: 7656*************
[10:27:18] Unable to accept offer: Not Logged In
[11:48:34] Session Expired: Error: HTTP error 403
[11:48:34] called weblogon: 7656*************
[11:48:34] Unable to accept offer: Not Logged In
[11:53:06] Session Expired: Error: HTTP error 403
[11:53:06] called weblogon:7656*************
[11:53:06] Unable to accept offer: Not Logged In
[11:54:54] Session Expired: Error: HTTP error 403
[11:54:54] called weblogon:7656************

webLogOn() doesn't seem to work.

Any ideas where I'm wrong? How to correctly handle an event sessionExpired? This code worked fine, but after the latest updates to the latest versions it no longer works.

Edited by mxnster
Link to comment
Share on other sites

3 hours ago, Dr. McKay said:

5.0.2 is up. I don't really expect it to change things, but it might. I did double-check and steam-user is still doing exactly the same thing the client is for getting a web session.

Thank you, I updated to the latest versions. Usually this error appears a couple of days after launch. I'll report the results.

Link to comment
Share on other sites

On 10/27/2023 at 9:07 AM, Dr. McKay said:

I believe I found the bug. Run npm update again and make sure that you end up with steam-session 1.7.1 or later.

On Linux, you can do npm ls -a | grep steam-session to check your steam-session version.

Hello! Seems like everything is fine right now. Thanks!

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...