A Node.js wrapper for interacting with the Roblox API. Forked from roblox-js.
About •
Prerequisites •
Installation •
Docs •
Examples •
Credits •
License
About
Noblox.js is a node module that was forked from sentanos's roblox-js module. This project was created because the roblox-js repository was no longer maintained by sentanos.
Noblox.js allows you to do things you would normally do on the Roblox website through a Node.js interface. You can use noblox.js along with Roblox's HttpService feature to create scripts that interact with the website. If you're looking for more information on how to create something like this, check out this repository by sentanos. Keep in mind that this does not use the latest version of this module and it is highly encouraged that you learn to use the library directly.
Prerequisites
Installation
With node.js installed simply run:
$ npm install noblox.js --save
$ npm install noblox.js -g
That's it!
Documentation
You can find the current noblox.js wiki with all API documentation here. Keep in mind that all methods may not be documented. A majority of the new features that can be found in noblox.js are not in roblox-js. There will be new documentation coming in with v5.0.0.
Making use of new login workaround
Note, as of v4.6.0 The way you log in to Noblox has changed significantly.
The library is no longer responsible for refreshing your cookies
This is because of many reasons including that creating a file caused several security/usability issues and made the library incompatible with some hosts.
Initial setup
- Remove any usages of the
login
or cookieLogin
methods. - Run
setCookie
with your cookie. This will store your cookie internally and validate it, but will perform no cookie refresh automatically - While this works, Roblox
.ROBLOSECURITY
cookies expire after an unknown length of time. For applications which run continuously, you must use the function refreshCookie
to prevent this. This will refresh either the cookie you pass or the internally stored cookie and return the new one.* - You need to store this new cookie somewhere - whether it be in a database, or a JSON file.
* See [Cookie expiration](#Cookie expiration) for an in depth discussion of cookie expiration.
Note: By default, setCookie will validate the cookie you provide by making a HTTP request.
To Disable this behaviour, pass false
as the second parameter (validate)
Getting your cookie (Chrome):
- Open any Roblox page and login
- Press
Control + Shift + i
on your keyboard - Click
Application
- Find
.ROBLOSECURITY
. Copy its contents, which will start with: _|WARNING:-DO
- Put this full token, including the warning into cookieLogin:
rbx.setCookie( tokenHere )
Example
This example makes use of the new async-await syntax.
const rbx = require("noblox.js")
async function startApp () {
await rbx.setCookie("_|WARNING:-DO-NOT-SHARE-THIS.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items.|_F9F1EA531adk")
let currentUser = await rbx.getCurrentUser()
}
Drawbacks
- You need to set up something to store and refresh cookies yourself
- Roblox-js-server is not currently compatible. Use noblox.js-server instead.
Common issues
CSRF
In July 2020 Roblox updated the endpoint we used to get CSRF tokens (auth.roblox.com/v1/logout
) and essentially disabled it.
They didn't warn anyone of this change so as of v4.6.3 we've updated to a new endpoint that works.
To make use of the new fix, run npm install noblox.js@4.6.3
. Alternatively, use latest
to get the latest version.
Cookie expiration
We do not know for a fact whether Roblox cookies expire. Roblox has not enlightened us on this fact, so we're pretty much in the dark.
We advise that you refresh your cookies in a production environment no more often than once every 24 hours.
However, several users have noted lately that they've had cookies last for several months - meaning you could choose not to refresh your cookie.
Credits
- sentanos - We wouldn't exist without him. 😀
License
MIT