New Research: Supply Chain Attack on Axios Pulls Malicious Dependency from npm.Details →
Socket
Book a DemoSign in
Socket
Book a DemoSign in

node-steam-openid

Package Overview
Dependencies
Maintainers
0
Versions
11
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

node-steam-openid

A wrapper package around Steam's Authentication API. Supports promises :)

latest
Source
npmnpm
Version
2.0.0
Version published
Weekly downloads
1.8K
-28.42%
Maintainers
0
Weekly downloads
 
Created
Source

node-steam-openid

npm version npm ci

A lightweight wrapper package around Steam's Authentication API, which supports promises :)

Requirements

  • Express @ 4.x

Usage

Install the package by typing npm i node-steam-openid in your project folder.

Setup

const SteamAuth = require("node-steam-openid");

const steam = new SteamAuth({
  realm: "http://localhost:5000", // Site name displayed to users on logon
  returnUrl: "http://localhost:5000/auth/steam/authenticate", // Your return route
  apiKey: "XXXXXXXXXXXXXXXXXXXXXXXXXX", // Steam API key
});

Routes

app.get("/auth/steam", async (req, res) => {
  const redirectUrl = await steam.getRedirectUrl();
  return res.redirect(redirectUrl);
});

app.get("/auth/steam/authenticate", async (req, res) => {
  try {
    const user = await steam.authenticate(req);

    //...do something with the data
  } catch (error) {
    console.error(error);
  }
});

Methods

getRedirectUrl

Gets the redirect URL to Steam.

Parameters

None

Returns

  • Promise (String)

Example

steam.getRedirectUrl().then(url => {
  //...do something with the url
});

authenticate

Authenticates the user with oAuth.

Parameters

  • request (ExpressJsRequest, Object)

Returns

  • Promise (UserObject)

Example

steam.authenticate(req).then(user => {
  //...do something with the user
});

Objects

UserObject

Object which holds all the authenticated user's data. The key _json holds the raw response from Steam API.

Example

{
  _json: { ... },
  steamid: "12345678912345678",
  username: "Example Username",
  name: "Example Name",
  profile: {
    url: "https://steamcommunity.com/id/Example",
    background: {
      static: "....jpg" | null,
      movie: "....webm" | null,
    },
    background_mini: {
      static: "....jpg" | null,
      movie: "....webm" | null,
    },
  },
  avatar: {
    small: "...",
    medium: "...",
    large: "...",
    animated: {
      static: "....png" | null,
      movie: "....webm" | null,
    },
    frame: {
      static: "....png" | null,
      movie: "....webm" | null,
    },
  }
}

Contributing

See CONTRIBUTING.md for contributing guidelines.

Security

See SECURITY.md for security practices.

Development Roadmap

  • Add the ability to pass custom variables to Steam (query parameters)
  • Add support for Node.js native HTTP <http.IncomingMessage> class.
  • Add unit tests

License

MIT <3

Keywords

steam
oauth
api
promises

FAQs

Package last updated on 23 Nov 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Supply Chain Attack on Axios Pulls Malicious Dependency from npm

Research

Supply Chain Attack on Axios Pulls Malicious Dependency from npm

A supply chain attack on Axios introduced a malicious dependency, plain-crypto-js@4.2.1, published minutes earlier and absent from the project’s GitHub releases.

By Socket Research Team  -  Mar 31, 2026