ABaumher
commented
9 months ago With the one on my repo, the plugin will work with private profiles (in fact, i removed the old public profile option), because we do all the same security Steam does. In fact, for all intents and purposes, Valve treats us like a legitimate Steam client.
Unfortunately, the connectivity issue is a lot harder to fix. The reason we avoid using API Keys is that they limit how much data can be obtained. For users with large libraries, they are essentially useless. You'd also have to provide your own API Key, because otherwise, the plugin would only work for about 5 users per day.
A bit of context on the connectivity issue: Since we act like a Steam Client, we get a login token. It functions like an API Key and uses the same security protocol (SSL) but gets to us in a different way. Much like an API Key, this token can't be shared with anyone because it's essentially a secure password. So, we immediately secure it in GOG's secure cache, and never store it ourselves. That token allows us to log in for you so you don't need to type your password all the time. At the same time, once you log in, Valve checks in on us periodically to make sure we're still connected. If you lose connection for over a minute, it logs you out. We can log back in with that token, but we need GOG to give it to us, so we tell it we disconnected, and there's your issue. I'm thinking about adding an option to allow us to store that key in memory - unless you have something snooping your computer memory it won't be an issue, and will let us log you back in silently.
Issue 1) Not working because my profile is private. Issue 2) Even if I set my account to public(which I don't want to), there were frequent log outs from Steam on GOG(My guess is due to VPN).
Playnite didn't have both of these issues because it uses Steam API key. Hope API key based usage can be implemented.