Implementation of mobile SteamGuard 2FA codes and trading confirmations.
Expand latest SteamAuth-X.X.X.zip into your project folder.
Add require.
var SteamAuth = require("steamauth"); // if using npm registry
var SteamAuth = require("./SteamAuth"); // if using zip file installation
In normal cases, a time-sync must be done either for SteamAuth or individual SteamAuth instances. This sets the drift between the host computer and Steam servers needed to calculate the correct code.
// Perform an initial time sync
SteamAuth.Sync(function(err)
{
// we can now create instances
});
Time syncing can also be done on a per-instance basis, by event or callback.
// create a single instance with ready event
var auth = new SteamAuth("KNUGC4TFMRJWKY3SMV2A====");
auth.once("ready", function()
{
// auth can now be used
});
// create a single instance with callback
var auth = new SteamAuth("KNUGC4TFMRJWKY3SMV2A====", function(err)
{
// auth can now be used
});
Creating SteamAuth instances can be done with a Base32 string or object with shared_secret.
// simple example with a Base32 code (from WinAuth)
var auth = new SteamAuth("KNUGC4TFMRJWKY3SMV2A====");
var code = auth.calculateCode();
// example with options loaded from Android Steam mobile app
var auth = new SteamAuth({
shared_secret:"U2hhcmVkU2VjcmV0"
});
var code = auth.calculateCode();
// calculate a code for a specific time (in ms)
var code = auth.calculateCode({time:1449690657000);
If you already have the correct time, you can just jump in and create codes.
// create an authenticator with no time sync
var auth = new SteamAuth({
shared_secret: "U2hhcmVkU2VjcmV0",
sync: false
});
// create code for specific time
var code = auth.calculateCode({time:1449690657000});
// quickly create a code for a known secret and time
var code = SteamAuth.calculateCode("KRUGS42JONGXSQ3PMVLTGRLH", 1449690657000);
Trade confirmations require a login to the SteamAuth instance. In this case, you must additionally pass in the deviceid and identity_secret from the steam authenticator.
// create instance with options loaded from Android Steam mobile app
var auth = new SteamAuth({
deviceid:"android:631471e5-00c8-4e9b-b0e9-45b69426cd09",
shared_secret:"U2hhcmVkU2VjcmV0",
identity_secret:"SWRlbnRpdHlTZWNyZXQ="
});
You can then login with username and password.
// login the user
auth.login({
username:"mysteamuser",
password:"mypassword"
}, function(err, session)
{
});
Login can fail because of network errors, but also invalid password, authcode or a captcha is required. If a captcha is required, err will contain captchaid and captchurl properties. The captcha must be solved and passed back in to a new login.
// login the user with captcha
auth.login({
username:"mysteamuser",
password:"mypassword",
captchid:12345678,
captchatext:"ABCDEFG"
}, function(err, session)
{
});
On login, you can get an array of the current trade confirmations.
auth.getTradeConfirmations(function(err, trades)
{
if (err || !trades.length) return;
});
Trades are returned as summary objects containing: id:string, key:string, details:string, traded:string, when:string. The id and key are used to accept or reject.
// to accept a trade
auth.acceptTradeConfirmation(trade.id, trade.key, function(err)
{
// trade has been accepted
});
// to reject a trade
auth.rejectTradeConfirmation(trade.id, trade.key, function(err)
{
// trade has been rejected
});
SteamAuth uses bunyan to log activity. You can get the logger instance at SteamAuth.Logger and set the level, e.g.
// change logging to be "debug"
var SteamAuth = require("steamauth");
SteamAuth.Logger.level("debug");
Levels are "error", "warn", "info" and "debug". The default level is "warn".
Debug level logging will include all web request made to the Steam servers.
npm test