Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

noblox.js

Package Overview
Dependencies
Maintainers
2
Versions
58
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

noblox.js

A Node.js wrapper for ROBLOX. (original from sentanos)

  • 4.8.4
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
1.6K
increased by1.92%
Maintainers
2
Weekly downloads
 
Created
Source

noblox.js

A Node.js wrapper for interacting with the Roblox API. Forked from roblox-js.

JavaScript Style Guide noblox.js Discord NPM package Travis Build Status

AboutPrerequisitesInstallationDocsExamplesCreditsLicense

About

Noblox.js is a node module that was forked from sentanos's roblox-js module. This project was created because the roblox-js repository was no longer maintained by sentanos.

Noblox.js allows you to do things you would normally do on the Roblox website through a Node.js interface. You can use noblox.js along with Roblox's HttpService feature to create scripts that interact with the website. If you're looking for more information on how to create something like this, check out this repository by sentanos. Keep in mind that this does not use the latest version of this module and it is highly encouraged that you learn to use the library directly.

Prerequisites

  • node.js

Installation

With node.js installed simply run:

# Run this to install noblox.js locally to your repository. 
$ npm install noblox.js --save

# if you're using yarn:
$ yarn add noblox.js

# Run this instead to install noblox.js globally so you can use it anywhere.
$ npm install noblox.js -g

That's it!

Documentation

You can find the current noblox.js wiki with all API documentation here. Keep in mind that all methods may not be documented.

Making use of new login workaround

Note, as of v4.6.0 The way you log in to Noblox has changed significantly. The library is no longer responsible for refreshing your cookies

This is because of many reasons including that creating a file caused several security/usability issues and made the library incompatible with some hosts.

Initial setup

  1. Remove any usages of the login or cookieLogin methods.
  2. Run setCookie with your cookie. This will store your cookie internally and validate it, but will perform no cookie refresh automatically
  3. While this works, Roblox .ROBLOSECURITY cookies expire after an unknown length of time. For applications which run continuously, you must use the function refreshCookie to prevent this. This will refresh either the cookie you pass or the internally stored cookie and return the new one.*
  4. You need to store this new cookie somewhere - whether it be in a database, or a JSON file.

* See Cookie expiration for an in depth discussion of cookie expiration.

Note: By default, setCookie will validate the cookie you provide by making a HTTP request. To Disable this behaviour, pass false as the second parameter (validate)

  1. Open any Roblox page and login
  2. Press Control + Shift + i on your keyboard
  3. Click Application
  4. Find .ROBLOSECURITY. Copy its contents, which will start with: _|WARNING:-DO
  5. Put this full token, including the warning into cookieLogin: rbx.setCookie( tokenHere )

Example

This example makes use of the new async-await syntax.

const rbx = require("noblox.js")
async function startApp () {
    await rbx.setCookie("_|WARNING:-DO-NOT-SHARE-THIS.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items.|_F9F1EA531adk")
    // Do everything else, calling functions and the like.
    let currentUser = await rbx.getCurrentUser()
}

Drawbacks

Common issues

CSRF

In July 2020 Roblox updated the endpoint we used to get CSRF tokens (auth.roblox.com/v1/logout) and essentially disabled it. They didn't warn anyone of this change so as of v4.6.3 we've updated to a new endpoint that works. To make use of the new fix, run npm install noblox.js@4.6.3. Alternatively, use latest to get the latest version.

We previously advised users to refresh cookies. This is no longer the case. Your Roblox authentication cookies will not expire as long as you do not log into the account, or use the log out or "Sign out all sessions" buttons.

For this reason, we advise you use a bot account.

Credits

  • suufi - Lead maintainer
  • sentanos - We wouldn't exist without him. 😀
  • Neztore - Library maintenance and review
  • popeeyy - Creation of the documentation.
  • edward - Helping with the creation of the documentation.

License

MIT

Keywords

FAQs

Package last updated on 17 Feb 2021

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc