Removing steam client/steamworks dependency

[jesterret]

Would You be interested in adding a library for steam auth token generation instead of using steamworks? Obviously it would be prone to breaking if they ever change the format, but so is steamworks I believe? This would eliminate the need to have steam client open (I'm using steamkit for steam connection), didn't have time to check if it might resolve #1 as well.

[OutOfBears]

Hello! If you check my other branch, you'll see that I'm currently remaking the whole backend in golang, which does in-fact include the use of steamworks in order to the ownership ticket. Though I'm the current problem I'm having with it is the fact that something is going wrong in generation to the ticket is incorrect. I'm working on it though!

[jesterret]

Well, I'm not good with golang, but tokens I generate work without problems ;) From CientAuthList I'm setting only tokens_left, add app_id and for tickets only gameid, ticket and ticket_crc, and then steam accepts the message and created token is accepted for login by dbd servers (steamkit sets steamid automatically). The token I'm generating is 234 bytes total.

[OutOfBears]

@jesterret When I tested I used another library, called node-steam-user, and based my function off that, though when testing the lib myself, I found that the tokens it generated never worked. Even though I am sending back the ClientAuthList. I'm currently confused as to why this is happening and have been speaking with the creator of the DBD stats website, and he does the same thing. Take a look in the dev branch, though when I can I'm gonna clean it up.

[jesterret]

I did, the token generation looks good, but as I said, I don't speak golang very well, can understand what's happening, but that's the extent of it :) One thing would be that You're not waiting for server to authenticate the token before appending ownership token and using it (or maybe You do and I don't understand golang syntax again), but that's all I've got. Also, maybe it's a golang api, but shouldn't it be uint32? Also, I'm not even sending GamesPlayed to steam, it's not needed as well, and You don't waste network time setting it up ;)

[jesterret]

You can see really messy library version that works for me here, the app using it handles login, then awaits it in OnLoggedOn.

[OutOfBears]

AAaa. Go is being aids, im probably just gonna continue with what I've got here, It should work just as well anyway.

[jesterret]

Actually, I found out if You want to skip the steam token requirement completely, use api/v1/auth/login/guest endpoint :) Cookie expires in 24 hours, so You just refresh it (logout and login again).

[OutOfBears]

@jesterret holy heck that works? I just implemented the steam service for nothing then... though I guess I'll keep it the same for now. Also gave you credit :), though gonna do some testing before I push it to the api server, and idk how restricted the guests are.

[jesterret]

From my testing not that much, it's default dev version endpoint, idk why they actually have it on live server too, but it seems like it generates one-time user account, so (apart from IP) it's more anonymous without limitations. Anyway, happy to help :) I'll close it since I see You've solved this part, will give You some info in #1.