DoctorMcKay / node-steam-session

Node.js module for authenticating with the Steam auth server. Allows for generating refresh tokens and web auth cookies for use with steam-user and other packages.
https://www.npmjs.com/package/steam-session
MIT License
117 stars 22 forks source link

Timeout #10

Closed elpaxel closed 1 year ago

elpaxel commented 1 year ago

First of all thanks you for this robust library.

So when I'm authenticating with "startWithCredentials" and then send wrong auth code with "submitSteamGuardCode" I'm getting expected "TwoFactorCodeMismatch". Then if I'm not doing anything, ~1 minute passes and Steam sends "ClientLogOnResponse", library calls disconnect and my program exits silently.

It is all good because as expected I'm catching "TwoFactorCodeMismatch" and then send new auth code. But it is little inconvenient that there is no control over "pre-polling" phase.

I don't know what exactly I want there ;) Maybe something like second (or overall) timeout or websocket disconnect event propagation. At least mentioning this in docs will be useful. Because I was a bit confused why my timeout didn't work until I checked the code and read the docs more carefully.

Of course, if I'm wrong and I missed something, or this question is irrelevant, you can close this issues.

DoctorMcKay commented 1 year ago

If I understand you correctly, your confusion came from the fact that the app didn't quit when (from your perspective) no events were outstanding? You'd prefer that the app did exit after you submit an incorrect code and then do nothing?

Edit: Actually, I'm not really sure what you're asking. If the CM we're currently connected to sends ClientLogOnResponse and closes the connection, the library just opens a new CM connection the next time it needs to poll. There shouldn't be anything specifically related to the WebSocket connection that would've caused you issues.

elpaxel commented 1 year ago

Well yes. When you send wrong password it disconnects immediately, but when you input wrong auth code it stays connected. You are right it caused my confusion. The part about "ClientLogOnResponse" may be not related at all. I just found it strange that after I input wrong auth code, 1 minute passes and Steam sends "ClientLogOnResponse". After that there is disconnect and no reconnection. But I guess that is just how it works.

Edit: If sending multiple auth codes is intended by Steam, then you do not need to change anything. Adding option like "disconnectOnWrongAuthCode" may be good alternative.

DoctorMcKay commented 1 year ago

Yeah, the reason why it doesn't disconnect is because you could still send the correct code, or confirm the login from your mobile device.

I'm still really not sure why you're observing that ClientLogOnResponse is coming in with no reconnection. It does reconnect the next time it needs to poll the session status, which I confirmed in testing even after sending an incorrect code.