Add Steam inventory test endpoint and improve error handling

rainerstudios · claude · rainerstudios · commit 84acfe9d25e6 · 2025-10-31T16:11:47.000Z
Changes: - Added test endpoint GET /api/steam/inventory/test/:steamId (no auth required) - Improved error handling with detailed debug information - Added browser-like headers to Steam API requests - Better error messages for 400/401/403 responses - Created test script (test-inventory.js) for manual testing Error handling improvements: - Now shows Steam API status code and response body - Differentiates between private inventory (403) and invalid requests (400/401) - Provides actionable error messages to users Testing results: - Steam API requires specific conditions for inventory access - Some inventories may be private or require authentication - Test endpoint allows frontend testing without auth WARNING: Test endpoint exposes inventory data publicly Remove /api/steam/inventory/test/:steamId in production! 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/index.js b/index.js
@@ -4149,6 +4149,23 @@ app.post('/api/steam/inventory/sync', requireAuth, async (req, res) => {
     }
 });
 
+// TEST ENDPOINT - Remove auth requirement for testing
+// WARNING: This exposes inventory data publicly! Remove in production!
+app.get('/api/steam/inventory/test/:steamId', async (req, res) => {
+    try {
+        const { steamId } = req.params;
+        const result = await steamInventory.getSteamInventory(steamId);
+        res.json(result);
+    } catch (error) {
+        winston.error('Test inventory fetch error:', error);
+        res.status(500).json({
+            success: false,
+            error: 'Failed to fetch inventory',
+            message: error.message
+        });
+    }
+});
+
 winston.info('Steam inventory endpoints loaded');
 
 
diff --git a/lib/steam-inventory.js b/lib/steam-inventory.js
@@ -20,19 +20,36 @@ async function getSteamInventory(steamId) {
 
         const response = await fetch(url, {
             headers: {
-                'User-Agent': 'CS2FloatChecker/1.0'
+                'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
+                'Accept': 'application/json, text/javascript, */*; q=0.01',
+                'Accept-Language': 'en-US,en;q=0.9',
+                'Referer': `https://steamcommunity.com/profiles/${steamId}/inventory`,
+                'X-Requested-With': 'XMLHttpRequest'
             },
             timeout: 30000
         });
 
         if (!response.ok) {
+            const errorText = await response.text().catch(() => '');
+
             if (response.status === 403) {
                 return {
                     success: false,
                     error: 'Inventory is private',
-                    message: 'Please set your Steam inventory to public in privacy settings'
+                    message: 'Please set your Steam inventory to public in privacy settings',
+                    debug: { status: response.status, body: errorText.substring(0, 200) }
                 };
             }
+
+            if (response.status === 400 || response.status === 401) {
+                return {
+                    success: false,
+                    error: 'Cannot access inventory',
+                    message: `Steam API returned ${response.status}. Inventory may be private or Steam ID invalid.`,
+                    debug: { status: response.status, statusText: response.statusText, body: errorText.substring(0, 200) }
+                };
+            }
+
             throw new Error(`HTTP ${response.status}: ${response.statusText}`);
         }
 
diff --git a/test-inventory.js b/test-inventory.js
@@ -0,0 +1,148 @@
+const fetch = require('node-fetch');
+const steamInventory = require('./lib/steam-inventory');
+
+// Test Steam Community API directly
+async function testSteamAPI() {
+    console.log('=== Testing Steam Community API ===\n');
+
+    const testCases = [
+        { id: '76561198084398045', name: 'shroud (public profile)' },
+        { id: '76561197960287930', name: 'Gabe Newell' },
+        { id: '76561199094452064', name: 'Test user' }
+    ];
+
+    for (const test of testCases) {
+        const url = `https://steamcommunity.com/inventory/${test.id}/730/2?l=english&count=5`;
+
+        console.log(`\n📦 Testing: ${test.name}`);
+        console.log(`SteamID: ${test.id}`);
+
+        try {
+            const response = await fetch(url, {
+                headers: {
+                    'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36',
+                    'Accept': 'application/json, text/javascript, */*; q=0.01',
+                    'Accept-Language': 'en-US,en;q=0.9',
+                    'Referer': `https://steamcommunity.com/profiles/${test.id}/inventory`,
+                    'X-Requested-With': 'XMLHttpRequest'
+                },
+                timeout: 10000
+            });
+
+            console.log(`Status: ${response.status} ${response.statusText}`);
+
+            if (!response.ok) {
+                if (response.status === 403) {
+                    console.log('❌ Inventory is private');
+                } else {
+                    console.log(`❌ HTTP Error: ${response.status}`);
+                }
+                continue;
+            }
+
+            const text = await response.text();
+            let data;
+
+            try {
+                data = JSON.parse(text);
+            } catch (e) {
+                console.log('❌ Invalid JSON response');
+                console.log('Response preview:', text.substring(0, 100));
+                continue;
+            }
+
+            if (!data) {
+                console.log('❌ Empty response');
+                continue;
+            }
+
+            if (data.error) {
+                console.log(`❌ Steam API Error: ${data.error}`);
+                continue;
+            }
+
+            console.log('✅ Success!');
+            console.log(`Total inventory items: ${data.total_inventory_count || 'N/A'}`);
+            console.log(`Assets returned: ${data.assets ? data.assets.length : 0}`);
+            console.log(`Descriptions: ${data.descriptions ? data.descriptions.length : 0}`);
+
+            if (data.assets && data.assets.length > 0) {
+                const asset = data.assets[0];
+                const desc = data.descriptions.find(d =>
+                    d.classid === asset.classid && d.instanceid === asset.instanceid
+                );
+
+                if (desc) {
+                    console.log('\nSample item:');
+                    console.log(`  Name: ${desc.market_name || desc.name}`);
+                    console.log(`  Type: ${desc.type}`);
+                    console.log(`  Tradable: ${desc.tradable === 1}`);
+                    console.log(`  Marketable: ${desc.marketable === 1}`);
+                }
+            }
+
+        } catch (error) {
+            console.log(`❌ Error: ${error.message}`);
+        }
+
+        // Wait between requests
+        await new Promise(resolve => setTimeout(resolve, 1000));
+    }
+}
+
+// Test our inventory parsing function
+async function testInventoryParser() {
+    console.log('\n\n=== Testing Our Inventory Parser ===\n');
+
+    const steamId = '76561198084398045'; // shroud - known public inventory
+
+    console.log(`Fetching inventory for SteamID: ${steamId}`);
+
+    try {
+        const result = await steamInventory.getSteamInventory(steamId);
+
+        console.log('\nParser Result:');
+        console.log(`Success: ${result.success}`);
+
+        if (!result.success) {
+            console.log(`Error: ${result.error}`);
+            console.log(`Message: ${result.message}`);
+            return;
+        }
+
+        console.log(`Total items: ${result.total_items}`);
+
+        if (result.items && result.items.length > 0) {
+            const item = result.items[0];
+
+            console.log('\nFirst item parsed:');
+            console.log(JSON.stringify({
+                assetid: item.assetid,
+                name: item.name,
+                market_name: item.market_name,
+                type: item.type,
+                wear: item.wear,
+                wear_full: item.wear_full,
+                is_stattrak: item.is_stattrak,
+                tradable: item.tradable,
+                marketable: item.marketable,
+                rarity: item.rarity,
+                weapon_type: item.weapon_type,
+                image_url: item.image_url?.substring(0, 60) + '...',
+                inspect_link: item.inspect_link ? 'Present' : 'None',
+                defindex: item.defindex
+            }, null, 2));
+        }
+
+    } catch (error) {
+        console.log(`❌ Parser Error: ${error.message}`);
+        console.error(error);
+    }
+}
+
+// Run tests
+(async () => {
+    await testSteamAPI();
+    await testInventoryParser();
+    console.log('\n=== Tests Complete ===\n');
+})();
