From 6c77c5231ccbb4e6350652ccb912e693f7a0bdc4 Mon Sep 17 00:00:00 2001
From: Alex Corn <alex@alexcorn.com>
Date: Fri, 10 Nov 2023 20:49:48 -0500
Subject: [PATCH] Updated enable and disable_twofactor examples to not use
 steam-session

---
 examples/disable_twofactor.js | 81 ++++++++++------------------------
 examples/enable_twofactor.js  | 83 ++++++++++-------------------------
 2 files changed, 44 insertions(+), 120 deletions(-)

diff --git a/examples/disable_twofactor.js b/examples/disable_twofactor.js
index 98f9c90..961a96e 100644
--- a/examples/disable_twofactor.js
+++ b/examples/disable_twofactor.js
@@ -1,7 +1,7 @@
 // If you aren't running this script inside of the repository, replace the following line with:
 // const SteamCommunity = require('steamcommunity');
 const SteamCommunity = require('../index.js');
-const SteamSession = require('steam-session');
+const SteamTotp = require('steam-totp');
 const ReadLine = require('readline');
 
 let g_AbortPromptFunc = null;
@@ -13,69 +13,32 @@ async function main() {
 	let accountName = await promptAsync('Username: ');
 	let password = await promptAsync('Password (hidden): ', true);
 
-	// Create a LoginSession for us to use to attempt to log into steam
-	let session = new SteamSession.LoginSession(SteamSession.EAuthTokenPlatformType.MobileApp);
+	attemptLogin(accountName, password);
+}
 
-	// Go ahead and attach our event handlers before we do anything else.
-	session.on('authenticated', async () => {
-		abortPrompt();
+function attemptLogin(accountName, password, twoFactorCode) {
+	community.login({
+		accountName,
+		password,
+		twoFactorCode,
+		disableMobile: false
+	}, async (err) => {
+		if (err && err.message == 'SteamGuardMobile') {
+			let code = await promptAsync('Steam Guard App Code OR Shared Secret: ');
+			if (code.length > 5) {
+				// If we were provided a shared secret, turn it into a code.
+				code = SteamTotp.getAuthCode(code);
+			}
+			attemptLogin(accountName, password, code);
+			return;
+		}
 
-		let accessToken = session.accessToken;
-		let cookies = await session.getWebCookies();
-
-		community.setCookies(cookies);
-		community.setMobileAppAccessToken(accessToken);
-
-		// Enabling or disabling 2FA is presently the only action in node-steamcommunity which requires an access token.
-		// In all other cases, using `community.setCookies(cookies)` is all you need to do in order to be logged in,
-		// although there's never any harm in setting a mobile app access token.
+		if (err) {
+			throw err;
+		}
 
 		doRevoke();
 	});
-
-	session.on('timeout', () => {
-		abortPrompt();
-		console.log('This login attempt has timed out.');
-	});
-
-	session.on('error', (err) => {
-		abortPrompt();
-
-		// This should ordinarily not happen. This only happens in case there's some kind of unexpected error while
-		// polling, e.g. the network connection goes down or Steam chokes on something.
-
-		console.log(`ERROR: This login attempt has failed! ${err.message}`);
-	});
-
-	// Start our login attempt
-	let startResult = await session.startWithCredentials({accountName, password});
-	if (startResult.actionRequired) {
-		// Some Steam Guard action is required. We only care about email and device codes; in theory an
-		// EmailConfirmation and/or DeviceConfirmation action could be possible, but we're just going to ignore those.
-		// If the user does receive a confirmation and accepts it, LoginSession will detect and handle that automatically.
-		// The only consequence of ignoring it here is that we don't print a message to the user indicating that they
-		// could accept an email or device confirmation.
-
-		let codeActionTypes = [SteamSession.EAuthSessionGuardType.EmailCode, SteamSession.EAuthSessionGuardType.DeviceCode];
-		let codeAction = startResult.validActions.find(action => codeActionTypes.includes(action.type));
-		if (codeAction) {
-			if (codeAction.type == SteamSession.EAuthSessionGuardType.EmailCode) {
-				// We wouldn't expect this to happen since we're trying to disable 2FA, but just in case...
-				console.log(`A code has been sent to your email address at ${codeAction.detail}.`);
-			} else {
-				console.log('You need to provide a Steam Guard Mobile Authenticator code.');
-			}
-
-			let code = await promptAsync('Code: ');
-			if (code) {
-				await session.submitSteamGuardCode(code);
-			}
-
-			// If we fall through here without submitting a Steam Guard code, that means one of two things:
-			//   1. The user pressed enter without providing a code, in which case the script will simply exit
-			//   2. The user approved a device/email confirmation, in which case 'authenticated' was emitted and the prompt was canceled
-		}
-	}
 }
 
 async function doRevoke() {
diff --git a/examples/enable_twofactor.js b/examples/enable_twofactor.js
index 69adfda..141455c 100644
--- a/examples/enable_twofactor.js
+++ b/examples/enable_twofactor.js
@@ -1,7 +1,6 @@
 // If you aren't running this script inside of the repository, replace the following line with:
 // const SteamCommunity = require('steamcommunity');
 const SteamCommunity = require('../index.js');
-const SteamSession = require('steam-session');
 const ReadLine = require('readline');
 const FS = require('fs');
 
@@ -16,69 +15,28 @@ async function main() {
 	let accountName = await promptAsync('Username: ');
 	let password = await promptAsync('Password (hidden): ', true);
 
-	// Create a LoginSession for us to use to attempt to log into steam
-	let session = new SteamSession.LoginSession(SteamSession.EAuthTokenPlatformType.MobileApp);
+	attemptLogin(accountName, password);
+}
 
-	// Go ahead and attach our event handlers before we do anything else.
-	session.on('authenticated', async () => {
-		abortPrompt();
+function attemptLogin(accountName, password, authCode) {
+	community.login({
+		accountName,
+		password,
+		authCode,
+		disableMobile: false
+	}, async (err) => {
+		if (err && err.message == 'SteamGuard') {
+			let code = await promptAsync('Steam Guard Email Code: ');
+			attemptLogin(accountName, password, code);
+			return;
+		}
 
-		let accessToken = session.accessToken;
-		let cookies = await session.getWebCookies();
-
-		community.setCookies(cookies);
-		community.setMobileAppAccessToken(accessToken);
-
-		// Enabling or disabling 2FA is presently the only action in node-steamcommunity which requires an access token.
-		// In all other cases, using `community.setCookies(cookies)` is all you need to do in order to be logged in,
-		// although there's never any harm in setting a mobile app access token.
+		if (err) {
+			throw err;
+		}
 
 		doSetup();
 	});
-
-	session.on('timeout', () => {
-		abortPrompt();
-		console.log('This login attempt has timed out.');
-	});
-
-	session.on('error', (err) => {
-		abortPrompt();
-
-		// This should ordinarily not happen. This only happens in case there's some kind of unexpected error while
-		// polling, e.g. the network connection goes down or Steam chokes on something.
-
-		console.log(`ERROR: This login attempt has failed! ${err.message}`);
-	});
-
-	// Start our login attempt
-	let startResult = await session.startWithCredentials({accountName, password});
-	if (startResult.actionRequired) {
-		// Some Steam Guard action is required. We only care about email and device codes; in theory an
-		// EmailConfirmation and/or DeviceConfirmation action could be possible, but we're just going to ignore those.
-		// If the user does receive a confirmation and accepts it, LoginSession will detect and handle that automatically.
-		// The only consequence of ignoring it here is that we don't print a message to the user indicating that they
-		// could accept an email or device confirmation.
-
-		let codeActionTypes = [SteamSession.EAuthSessionGuardType.EmailCode, SteamSession.EAuthSessionGuardType.DeviceCode];
-		let codeAction = startResult.validActions.find(action => codeActionTypes.includes(action.type));
-		if (codeAction) {
-			if (codeAction.type == SteamSession.EAuthSessionGuardType.EmailCode) {
-				console.log(`A code has been sent to your email address at ${codeAction.detail}.`);
-			} else {
-				// We wouldn't expect this to happen since we're trying to enable 2FA, but just in case...
-				console.log('You need to provide a Steam Guard Mobile Authenticator code.');
-			}
-
-			let code = await promptAsync('Code: ');
-			if (code) {
-				await session.submitSteamGuardCode(code);
-			}
-
-			// If we fall through here without submitting a Steam Guard code, that means one of two things:
-			//   1. The user pressed enter without providing a code, in which case the script will simply exit
-			//   2. The user approved a device/email confirmation, in which case 'authenticated' was emitted and the prompt was canceled
-		}
-	}
 }
 
 function doSetup() {
@@ -118,10 +76,13 @@ function doSetup() {
 
 async function promptActivationCode(response) {
 	if (response.phone_number_hint) {
-		console.log(`A code has been sent to your phone ending in ${response.phone_number_hint}.`);
+		console.log(`An activation code has been sent to your phone ending in ${response.phone_number_hint}.`);
+	} else if (response.confirm_type == 3) {
+		// Exact meaning of confirm_type is unknown, but 3 appears to be email code
+		console.log('An activation code has been sent to your email.');
 	}
 
-	let smsCode = await promptAsync('SMS Code: ');
+	let smsCode = await promptAsync('Activation Code: ');
 	community.finalizeTwoFactor(response.shared_secret, smsCode, (err) => {
 		if (err) {
 			if (err.message == 'Invalid activation code') {