auditt19 Posted December 25, 2024 Report Posted December 25, 2024 Hey everyone, So, I’ve got this script set up on Heroku to idle Steam games 24/7. It works great locally, but I’ve hit a couple of issues when running it on Heroku, and I was wondering if anyone has any advice. Here’s the basic idea: the script uses environment variables for the Steam username, password, and shared secret. It generates the twoFactorCode using steam-totp and logs into Steam to idle the games. Here’s a snippet of the code for context: const username = process.env.username; const password = process.env.password; const shared_secret = process.env.shared; const games = [1546990, 12110, 12240]; const status = 1; const twoFactorCode = steamTotp.generateAuthCode(shared_secret); console.log("Generated Steam Guard code:", twoFactorCode); if (!username || !password || !shared_secret) { console.error("Please check your .env file. One or more variables are missing."); process.exit(1); } user = new steamUser(); user.logOn({ accountName: username, password: password, twoFactorCode: twoFactorCode, }); user.on('loggedOn', () => { if (user.steamID != null) console.log(user.steamID + ' - Successfully logged on'); user.setPersona(status); user.gamesPlayed(games); }); user.on('error', (err) => { console.error('Login error:', err); if (err.message.includes('RateLimitExceeded')) { console.log('Rate limit hit. Waiting for 30 minutes before retrying...'); } }); Steam Guard Key Input is a problem because Heroku doesn’t allow for interactive input, so there’s no way to manually enter the Steam Guard key when it’s required, like you’d do when running the script locally. The generated twoFactorCode isn’t matching the one on my phone. I’m using the shared secret from the mobile authenticator, but for some reason, it’s just not working correctly. I even tried switching to a refresh token system to bypass the need for a twoFactorCode, but the problem is that I can’t keep updating and resending the token on Heroku. It’s just not practical to deploy updates manually every time the token expires. So, does anyone have a workaround for these issues? Maybe a better way to handle Steam Guard authentication or refresh tokens in a Heroku environment? I’d appreciate any tips, code examples, or ideas. Thanks in advance! 😊 Quote
Dr. McKay Posted December 26, 2024 Report Posted December 26, 2024 If the codes it's generating don't match the codes generated by the app, then your secret is wrong or the clock is wrong. auditt19 1 Quote
auditt19 Posted December 26, 2024 Author Report Posted December 26, 2024 The secret I’m using is from the Steam Desktop Authenticator (SDA) app, so I don’t think it’s incorrect. Heroku uses accurate time, I’ve checked, so unless steam-totp isn’t working properly, I’ll try syncing the time somehow. Also, do you have any ideas on how I could pass the Steam Guard key for Heroku to use it? Quote
Dr. McKay Posted December 26, 2024 Report Posted December 26, 2024 If the clock is right, then the secret must be wrong. Try using the secret in a test script locally. If it generates correct codes, something is wrong with how you're transporting the secret to Heroku; maybe it's encoding it weirdly. If it's wrong locally, then you have the wrong secret. Maybe you exported it from SDA wrong. auditt19 1 Quote
auditt19 Posted December 27, 2024 Author Report Posted December 27, 2024 Does this mean that if the shared secret is correct, the script will log in on its own and won't ask me to manually enter the Steam Guard code? Quote
auditt19 Posted December 27, 2024 Author Report Posted December 27, 2024 (edited) I fixed the issue, secret was wrong somehow, I extracted new one from android. Thank you McKay, you are the real doc! Edited December 27, 2024 by auditt19 rephrase Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.