TurboTrades/STEAM_SETUP.md
2026-01-10 04:57:43 +00:00


# Steam API Setup Guide
## ✅ Good News!
Your WebSocket is working perfectly! The server is running fine.
The only thing you need to do is add your Steam API key.

---
## 🔑 Get Your Steam API Key
### Step 1: Get the API Key
1. Go to: **https://steamcommunity.com/dev/apikey**
2. Log in with your Steam account
3. Enter a domain name (for local development, you can use `localhost` or `127.0.0.1`)
4. Click "Register"
5. Copy your API key (it looks like: `A1B2C3D4E5F6G7H8I9J0K1L2M3N4O5P6`)
### Step 2: Add to .env File
Open your `.env` file in the TurboTrades folder and update this line:
```env
STEAM_API_KEY=YOUR_STEAM_API_KEY_HERE
```
Replace `YOUR_STEAM_API_KEY_HERE` with your actual key:
```env
STEAM_API_KEY=A1B2C3D4E5F6G7H8I9J0K1L2M3N4O5P6
```
### Step 3: Restart the Server
The server should restart automatically if you're using `npm run dev`.
If not, stop the server (Ctrl+C) and run:
```bash
npm run dev
```
---
## ✅ Test It!
Once you've added your Steam API key:
1. **Test Steam Login:**
   - Open: http://localhost:3000/auth/steam
   - You should be redirected to Steam to log in
   - After login, you'll be redirected back with cookies set
2. **Test WebSocket:**
   - Open: `test-client.html` in your browser
   - Click "Connect"
   - You should see "Connected" status
3. **Test API:**
   ```bash
   curl http://localhost:3000/health
   ```
---
## 🎉 Current Status
- ✅ Server is running on http://localhost:3000
- ✅ WebSocket is working at ws://localhost:3000/ws
- ✅ MongoDB is connected
- ⏳ Waiting for Steam API key to enable authentication

---
## 🔧 What's Working Now
Based on your logs:
```
✅ Server listening at http://0.0.0.0:3000
✅ WebSocket connection established
✅ Public WebSocket connections working (unauthenticated)
❌ Steam authentication needs API key
```
The **WebSocket connection worked!** It shows:

- Connection type: object
- Connection established successfully
- "⚠️ WebSocket connection without authentication (public)"

This is **perfect** - it means anonymous/public connections work!

---
## 📝 Full .env Example
Your `.env` file should look like this:
```env
# Server Configuration
NODE_ENV=development
PORT=3000
HOST=0.0.0.0
# Database
MONGODB_URI=mongodb://localhost:27017/turbotrades
# Session
SESSION_SECRET=change-this-to-a-random-secret-in-production
# JWT Secrets
JWT_ACCESS_SECRET=change-this-jwt-access-secret-to-something-random
JWT_REFRESH_SECRET=change-this-jwt-refresh-secret-to-something-different
JWT_ACCESS_EXPIRY=15m
JWT_REFRESH_EXPIRY=7d
# Steam OpenID - ADD YOUR KEY HERE ⬇️
STEAM_API_KEY=A1B2C3D4E5F6G7H8I9J0K1L2M3N4O5P6
STEAM_REALM=http://localhost:3000
STEAM_RETURN_URL=http://localhost:3000/auth/steam/return
# Cookie Settings
COOKIE_DOMAIN=localhost
COOKIE_SECURE=false
COOKIE_SAME_SITE=lax
# CORS
CORS_ORIGIN=http://localhost:3000
# Rate Limiting
RATE_LIMIT_MAX=100
RATE_LIMIT_TIMEWINDOW=60000
# Email Configuration (for future)
SMTP_HOST=smtp.example.com
SMTP_PORT=587
SMTP_USER=your-email@example.com
SMTP_PASS=your-email-password
EMAIL_FROM=noreply@turbotrades.com
# WebSocket
WS_PING_INTERVAL=30000
WS_MAX_PAYLOAD=1048576
```
---
## 🚨 Important Notes
1. **Never commit your API key to Git!**
   - The `.env` file is already in `.gitignore`
   - Keep your API key secret
2. **For production:**
   - Generate new random secrets using:
     ```bash
     node -e "console.log(require('crypto').randomBytes(32).toString('hex'))"
     ```
   - Use environment variables or a secure secrets manager
   - Change `STEAM_REALM` and `STEAM_RETURN_URL` to your domain
3. **Security:**
   - Set `COOKIE_SECURE=true` in production (requires HTTPS)
   - Use strong, random secrets for JWT and session
   - Enable rate limiting
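
The production notes above can be checked mechanically before a deploy. The following is an added example, not code from the TurboTrades project: `parseEnv` and `auditEnv` are hypothetical helper names, and the 64-character minimum assumes secrets generated with the `randomBytes(32)` command shown above.

```javascript
// Added example: pre-deployment audit of the .env keys used in this guide.
// parseEnv/auditEnv are hypothetical helpers, not part of TurboTrades.
function parseEnv(text) {
  const env = {};
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    const eq = line.indexOf('=');
    if (!line || line.startsWith('#') || eq < 1) continue; // skip blanks, comments, junk
    env[line.slice(0, eq).trim()] = line.slice(eq + 1).trim();
  }
  return env;
}

function auditEnv(env) {
  const findings = [];
  // randomBytes(32).toString('hex') from the guide yields 64 characters
  for (const key of ['SESSION_SECRET', 'JWT_ACCESS_SECRET', 'JWT_REFRESH_SECRET']) {
    const value = env[key] || '';
    if (value.startsWith('change-this')) findings.push(`${key}: placeholder still in use`);
    else if (value.length < 64) findings.push(`${key}: shorter than 64 characters`);
  }
  if (env.JWT_ACCESS_SECRET && env.JWT_ACCESS_SECRET === env.JWT_REFRESH_SECRET) {
    findings.push('JWT_ACCESS_SECRET and JWT_REFRESH_SECRET must differ');
  }
  if (!env.STEAM_API_KEY || env.STEAM_API_KEY === 'YOUR_STEAM_API_KEY_HERE') {
    findings.push('STEAM_API_KEY: not set');
  }
  if (env.COOKIE_SECURE !== 'true') findings.push('COOKIE_SECURE: must be true (HTTPS only)');
  for (const key of ['STEAM_REALM', 'STEAM_RETURN_URL']) {
    let url;
    try { url = new URL(env[key]); } catch { findings.push(`${key}: not a valid URL`); continue; }
    if (url.protocol !== 'https:') findings.push(`${key}: not served over HTTPS`);
    if (['localhost', '127.0.0.1'].includes(url.hostname)) findings.push(`${key}: still points at localhost`);
  }
  return findings;
}

// Constructed sample: development values taken from this guide.
const DEV_SAMPLE = `
SESSION_SECRET=change-this-to-a-random-secret-in-production
JWT_ACCESS_SECRET=change-this-jwt-access-secret-to-something-random
JWT_REFRESH_SECRET=change-this-jwt-refresh-secret-to-something-different
STEAM_API_KEY=YOUR_STEAM_API_KEY_HERE
STEAM_REALM=http://localhost:3000
STEAM_RETURN_URL=http://localhost:3000/auth/steam/return
COOKIE_SECURE=false`;

console.log(auditEnv(parseEnv(DEV_SAMPLE)).join('\n'));
```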
---
## 🐛 Troubleshooting
### "Failed to discover OP endpoint URL"
**Solution:** Add your Steam API key to `.env` as shown above.
### "listen EADDRINUSE"
**Solution:** Port 3000 is in use. Kill the process:
```bash
# Windows (cmd or PowerShell; in Git Bash write //F //PID so the flags are not rewritten as paths)
netstat -ano | findstr :3000
taskkill /F /PID <PID>
# Mac/Linux
lsof -i :3000
kill -9 <PID>
```
### "MongoDB connection error"
**Solution:** Make sure MongoDB is running:
```bash
mongod
```
---
## 🎯 Next Steps
Once Steam login works:
1. **Test the flow:**
   - Visit http://localhost:3000/auth/steam
   - Log in with Steam
   - You'll be redirected back with authentication cookies
2. **Test authenticated endpoints:**
   ```bash
   curl http://localhost:3000/auth/me \
     --cookie "accessToken=YOUR_TOKEN"
   ```
3. **Test authenticated WebSocket:**
   - Connect with token in URL: `ws://localhost:3000/ws?token=YOUR_TOKEN` (URLs are commonly written to server and proxy logs, so keep this form to local testing)
   - Or let cookies handle it automatically
4. **Start building:**
   - Add marketplace routes
   - Create listing models
   - Implement trade functionality
---
**Need help? Check:**

- `README.md` - Full documentation
- `QUICKSTART.md` - Quick setup guide
- `WEBSOCKET_GUIDE.md` - WebSocket details
- `COMMANDS.md` - Command reference

**Everything else is working perfectly! Just add your Steam API key! 🚀**