From a572436c8a2e19a68d347a57528c4646d2070916 Mon Sep 17 00:00:00 2001
From: JackTerok <martinreiter93@googlemail.com>
Date: Fri, 19 Feb 2021 16:20:03 +0100
Subject: [PATCH 01/16] properly mask the ServerAPIToken in the web interface

---
 Core/Main/PTMagicConfiguration.cs    | 19 +++++++++++++++++++
 Monitor/Pages/SettingsGeneral.cshtml |  2 +-
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/Core/Main/PTMagicConfiguration.cs b/Core/Main/PTMagicConfiguration.cs
index 7d29d14..64eda87 100644
--- a/Core/Main/PTMagicConfiguration.cs
+++ b/Core/Main/PTMagicConfiguration.cs
@@ -83,6 +83,25 @@ namespace Core.Main
       return result;
     }
 
+    public string GetProfitTrailerServerAPITokenMasked()
+    {
+      string result = "";
+
+      if (!this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Equals(""))
+      {
+        result = this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Substring(0, 4);
+
+        for (int i = 1; i < this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Length - 8; i++)
+        {
+          result += "*";
+        }
+
+        result += this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Substring(this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Length - 4);
+      }
+
+      return result;
+    }
+
     public GeneralSettings GeneralSettings
     {
       get
diff --git a/Monitor/Pages/SettingsGeneral.cshtml b/Monitor/Pages/SettingsGeneral.cshtml
index 64c3783..c128641 100644
--- a/Monitor/Pages/SettingsGeneral.cshtml
+++ b/Monitor/Pages/SettingsGeneral.cshtml
@@ -92,7 +92,7 @@
               <div class="form-group row">
                 <label class="col-md-4 col-form-label">Profit Trailer Server API Token <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="The API token needed to communicate with Profit Trailer - set in Profit Trailer Server Settings"></i></label>
                 <div class="col-md-8">
-                  <input type="text" class="form-control" name="Application_ProfitTrailerServerAPIToken" value="@Model.PTMagicConfiguration.GeneralSettings.Application.ProfitTrailerServerAPIToken">
+                  @Model.PTMagicConfiguration.GetProfitTrailerServerAPITokenMasked()
                 </div>
               </div>
 

From 91e8fecb2882eee2a4350ccb825f32d500fd9096 Mon Sep 17 00:00:00 2001
From: JackTerok <martinreiter93@googlemail.com>
Date: Fri, 19 Feb 2021 18:32:36 +0100
Subject: [PATCH 02/16] fix check if password and confirm are identical

---
 Monitor/Pages/SetupPassword.cshtml.cs | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/Monitor/Pages/SetupPassword.cshtml.cs b/Monitor/Pages/SetupPassword.cshtml.cs
index eb53c5f..f8d6bb8 100644
--- a/Monitor/Pages/SetupPassword.cshtml.cs
+++ b/Monitor/Pages/SetupPassword.cshtml.cs
@@ -20,10 +20,10 @@ namespace Monitor.Pages
     {
       if (!password.Equals(passwordConfirm))
       {
-        ValidationMessage = "Password does not match the confirmation!";
+        base.PreInit();
+        Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "SetupPassword");
       }
-
-      if (ModelState.IsValid)
+      else if (ModelState.IsValid)
       {
         base.PreInit();
         PTMagicConfiguration.WriteSecureSettings(password);

From b9082c788932f0e00d1108a80abc1fe1e3aa4dfd Mon Sep 17 00:00:00 2001
From: JackTerok <martinreiter93@googlemail.com>
Date: Fri, 19 Feb 2021 22:14:01 +0100
Subject: [PATCH 03/16] make password change secure

---
 Monitor/Pages/SetupPassword.cshtml    | 21 +++++++-------
 Monitor/Pages/SetupPassword.cshtml.cs | 41 ++++++++++++++++++++-------
 2 files changed, 40 insertions(+), 22 deletions(-)

diff --git a/Monitor/Pages/SetupPassword.cshtml b/Monitor/Pages/SetupPassword.cshtml
index 7c2f9d0..600a91b 100644
--- a/Monitor/Pages/SetupPassword.cshtml
+++ b/Monitor/Pages/SetupPassword.cshtml
@@ -14,9 +14,18 @@
     <h3 class="text-center"> <strong class="text-custom">PT Magic</strong> </h3>
     <p class="text-center">Setup your password.</p>
   </div>
-
   <div class="p-20">
     <form class="form-horizontal m-t-20" method="post">
+
+      @if (System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json"))
+      {
+        <div class="form-group">
+          <div class="col-12">
+            <input name="OldPassword" class="form-control" type="password" required="" placeholder="Old Password">
+          </div>
+        </div>
+      }
+
       <div class="form-group">
         <div class="col-12">
           <input name="Password" class="form-control" type="password" required="" placeholder="Password">
@@ -29,14 +38,6 @@
         </div>
       </div>
 
-      @if (!Model.ValidationMessage.Equals("")) {
-      <div class="form-group">
-        <div class="text-danger m-l-10">
-          @Model.ValidationMessage
-        </div>
-      </div>
-      }
-
       <div class="form-group text-center m-t-40">
         <div class="col-12">
           <button class="btn btn-ptmagic btn-block text-uppercase waves-effect waves-light" type="submit">
@@ -44,9 +45,7 @@
           </button>
         </div>
       </div>
-
     </form>
-
   </div>
 </div>
 
diff --git a/Monitor/Pages/SetupPassword.cshtml.cs b/Monitor/Pages/SetupPassword.cshtml.cs
index f8d6bb8..0d93fd6 100644
--- a/Monitor/Pages/SetupPassword.cshtml.cs
+++ b/Monitor/Pages/SetupPassword.cshtml.cs
@@ -4,6 +4,7 @@ using Microsoft.AspNetCore.Http;
 using System.Threading.Tasks;
 using Newtonsoft.Json;
 using Core.Main;
+using Core.Helper;
 
 namespace Monitor.Pages
 {
@@ -16,19 +17,37 @@ namespace Monitor.Pages
       base.PreInit();
     }
 
-    public void OnPost(string password, string passwordConfirm)
+    public void OnPost(string OldPassword, string Password, string PasswordConfirm)
     {
-      if (!password.Equals(passwordConfirm))
-      {
-        base.PreInit();
-        Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "SetupPassword");
-      }
-      else if (ModelState.IsValid)
-      {
-        base.PreInit();
-        PTMagicConfiguration.WriteSecureSettings(password);
+      base.PreInit();
 
-        Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "Login");
+      string encryptedOldPassword = null;
+
+      if (OldPassword != null)
+      {
+          encryptedOldPassword = EncryptionHelper.Encrypt(OldPassword);
+
+          if (!Password.Equals(PasswordConfirm) || !encryptedOldPassword.Equals(PTMagicConfiguration.SecureSettings.MonitorPassword) && System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json"))
+          {
+            Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "SetupPassword");
+          }
+          else if (ModelState.IsValid)
+          {
+            PTMagicConfiguration.WriteSecureSettings(Password);
+            Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "Login");
+          }
+      }
+      else
+      {
+          if (!Password.Equals(PasswordConfirm) && !System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json"))
+          {
+            Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "SetupPassword");
+          }
+          else if (ModelState.IsValid)
+          {
+            PTMagicConfiguration.WriteSecureSettings(Password);
+            Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "Login");
+          }
       }
     }
 

From 1e230cbb4258975bbbccc3325c2b3252080d9f9a Mon Sep 17 00:00:00 2001
From: JackTerok <martinreiter93@googlemail.com>
Date: Sat, 20 Feb 2021 20:11:31 +0100
Subject: [PATCH 04/16] make serverApiToken editable again

---
 Monitor/Pages/SettingsGeneral.cshtml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Monitor/Pages/SettingsGeneral.cshtml b/Monitor/Pages/SettingsGeneral.cshtml
index c128641..bc00c54 100644
--- a/Monitor/Pages/SettingsGeneral.cshtml
+++ b/Monitor/Pages/SettingsGeneral.cshtml
@@ -92,7 +92,7 @@
               <div class="form-group row">
                 <label class="col-md-4 col-form-label">Profit Trailer Server API Token <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="The API token needed to communicate with Profit Trailer - set in Profit Trailer Server Settings"></i></label>
                 <div class="col-md-8">
-                  @Model.PTMagicConfiguration.GetProfitTrailerServerAPITokenMasked()
+                  <input type="text" class="form-control" name="Application_ProfitTrailerServerAPIToken" value="@Model.PTMagicConfiguration.GetProfitTrailerServerAPITokenMasked()">
                 </div>
               </div>
 

From b9a625ee1a001db91d5a450b9faa6102d986adba Mon Sep 17 00:00:00 2001
From: JackTerok <martinreiter93@googlemail.com>
Date: Sat, 20 Feb 2021 20:13:08 +0100
Subject: [PATCH 05/16] more descriptive placeholders

---
 Monitor/Pages/SetupPassword.cshtml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Monitor/Pages/SetupPassword.cshtml b/Monitor/Pages/SetupPassword.cshtml
index 600a91b..643f1b7 100644
--- a/Monitor/Pages/SetupPassword.cshtml
+++ b/Monitor/Pages/SetupPassword.cshtml
@@ -28,13 +28,13 @@
 
       <div class="form-group">
         <div class="col-12">
-          <input name="Password" class="form-control" type="password" required="" placeholder="Password">
+          <input name="Password" class="form-control" type="password" required="" placeholder="New Password">
         </div>
       </div>
 
       <div class="form-group">
         <div class="col-12">
-          <input name="PasswordConfirm" class="form-control" type="password" required="" compare="Password" placeholder="Confirm Password">
+          <input name="PasswordConfirm" class="form-control" type="password" required="" compare="Password" placeholder="Confirm New Password">
         </div>
       </div>
 

From 24a50dd24444d64fd01eee6bf5f4133b9e7614f8 Mon Sep 17 00:00:00 2001
From: JackTerok <martinreiter93@googlemail.com>
Date: Sat, 20 Feb 2021 20:26:22 +0100
Subject: [PATCH 06/16] implement proper messages on error

---
 Monitor/Pages/SetupPassword.cshtml    | 5 +++++
 Monitor/Pages/SetupPassword.cshtml.cs | 8 +++++---
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/Monitor/Pages/SetupPassword.cshtml b/Monitor/Pages/SetupPassword.cshtml
index 643f1b7..e99989b 100644
--- a/Monitor/Pages/SetupPassword.cshtml
+++ b/Monitor/Pages/SetupPassword.cshtml
@@ -45,6 +45,11 @@
           </button>
         </div>
       </div>
+      <div class="form-group">
+        <div class="text-danger m-l-10">
+          @Model.ValidationMessage
+        </div>
+      </div>
     </form>
   </div>
 </div>
diff --git a/Monitor/Pages/SetupPassword.cshtml.cs b/Monitor/Pages/SetupPassword.cshtml.cs
index 0d93fd6..54e75c9 100644
--- a/Monitor/Pages/SetupPassword.cshtml.cs
+++ b/Monitor/Pages/SetupPassword.cshtml.cs
@@ -20,7 +20,7 @@ namespace Monitor.Pages
     public void OnPost(string OldPassword, string Password, string PasswordConfirm)
     {
       base.PreInit();
-
+      ValidationMessage = "Test";
       string encryptedOldPassword = null;
 
       if (OldPassword != null)
@@ -29,11 +29,12 @@ namespace Monitor.Pages
 
           if (!Password.Equals(PasswordConfirm) || !encryptedOldPassword.Equals(PTMagicConfiguration.SecureSettings.MonitorPassword) && System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json"))
           {
-            Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "SetupPassword");
+            ValidationMessage = "Old Password wrong or new Password does not match with confirmation";
           }
           else if (ModelState.IsValid)
           {
             PTMagicConfiguration.WriteSecureSettings(Password);
+            ValidationMessage = "";
             Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "Login");
           }
       }
@@ -41,11 +42,12 @@ namespace Monitor.Pages
       {
           if (!Password.Equals(PasswordConfirm) && !System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json"))
           {
-            Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "SetupPassword");
+            ValidationMessage = "New Password does not match with confirmation";
           }
           else if (ModelState.IsValid)
           {
             PTMagicConfiguration.WriteSecureSettings(Password);
+            ValidationMessage = "";
             Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + "Login");
           }
       }

From 23e574d9f76a2168aacd772cf570b4102306e5b7 Mon Sep 17 00:00:00 2001
From: HojouFotytu <36724681+HojouFotytu@users.noreply.github.com>
Date: Mon, 22 Feb 2021 13:22:52 +0900
Subject: [PATCH 07/16] Remove PT Path Check

---
 Core/DataObjects/PTMagicData.cs               |  1 -
 Core/Main/PTMagic.cs                          | 27 +++----------------
 Core/Main/PTMagicConfiguration.cs             |  5 ----
 Monitor/Pages/SettingsGeneral.cshtml          |  6 -----
 .../settings.general.json                     |  1 -
 .../DevSettings/settings.general.json         |  1 -
 6 files changed, 4 insertions(+), 37 deletions(-)

diff --git a/Core/DataObjects/PTMagicData.cs b/Core/DataObjects/PTMagicData.cs
index bee52ca..0083de6 100644
--- a/Core/DataObjects/PTMagicData.cs
+++ b/Core/DataObjects/PTMagicData.cs
@@ -35,7 +35,6 @@ namespace Core.Main.DataObjects.PTMagicData
     public bool IsEnabled { get; set; } = true;
     public bool TestMode { get; set; } = true;
     public bool EnableBetaFeatures { get; set; } = false;
-    public string ProfitTrailerPath { get; set; }
     public string ProfitTrailerLicense { get; set; } = "";
     public string ProfitTrailerServerAPIToken { get; set; }
     public string ProfitTrailerMonitorURL { get; set; } = "http://localhost:8081/";
diff --git a/Core/Main/PTMagic.cs b/Core/Main/PTMagic.cs
index 19c986d..c585351 100644
--- a/Core/Main/PTMagic.cs
+++ b/Core/Main/PTMagic.cs
@@ -703,20 +703,11 @@ namespace Core.Main
       {
         try
         {
-          if (this.PTMagicConfiguration.GeneralSettings.Application.TestMode) this.Log.DoLogInfo("TESTMODE ENABLED - No files will be changed!");
-
-          // Check for PT Directory
-          DirectoryInfo ptRoot = new DirectoryInfo(this.PTMagicConfiguration.GeneralSettings.Application.ProfitTrailerPath);
-          if (ptRoot.Exists)
+          if (this.PTMagicConfiguration.GeneralSettings.Application.TestMode) 
           {
-            this.Log.DoLogInfo("Profit Trailer directory found");
-            result = RunProfitTrailerSettingsAPIChecks();
-          }
-          else
-          {
-            this.Log.DoLogError("Profit Trailer directory not found (" + this.PTMagicConfiguration.GeneralSettings.Application.ProfitTrailerPath + ")");
-            result = false;
+            this.Log.DoLogInfo("TESTMODE ENABLED - No files will be changed!");
           }
+          result = RunProfitTrailerSettingsAPIChecks();
 
           // Check for CoinMarketCap API Key
           if (!String.IsNullOrEmpty(this.PTMagicConfiguration.GeneralSettings.Application.CoinMarketCapAPIKey))
@@ -1142,14 +1133,7 @@ namespace Core.Main
       }
     }
 
-    private void GetProfitTrailerPropertiesPaths(out string pairsPropertiesPath, out string dcaPropertiesPath, out string indicatorsPropertiesPath)
-    {
-      // Get current PT properties
-      pairsPropertiesPath = this.PTMagicConfiguration.GeneralSettings.Application.ProfitTrailerPath + Constants.PTPathTrading + Path.DirectorySeparatorChar + this.PairsFileName;
-      dcaPropertiesPath = this.PTMagicConfiguration.GeneralSettings.Application.ProfitTrailerPath + Constants.PTPathTrading + Path.DirectorySeparatorChar + this.DCAFileName;
-      indicatorsPropertiesPath = this.PTMagicConfiguration.GeneralSettings.Application.ProfitTrailerPath + Constants.PTPathTrading + Path.DirectorySeparatorChar + this.IndicatorsFileName;
-    }
-
+    // Get current PT properties
     private void LoadCurrentProfitTrailerProperties()
     {
       // Load current PT properties from API (Valid for PT 2.x and above)
@@ -2143,9 +2127,6 @@ namespace Core.Main
     private void SaveProfitTrailerProperties()
     {
       // Get current PT properties
-      string pairsPropertiesPath, dcaPropertiesPath, indicatorsPropertiesPath;
-      GetProfitTrailerPropertiesPaths(out pairsPropertiesPath, out dcaPropertiesPath, out indicatorsPropertiesPath);
-
       if (this.GlobalSettingWritten || this.SingleMarketSettingChanged)
       {
         // Save current PT properties to API (Valid for PT 2.x and above)
diff --git a/Core/Main/PTMagicConfiguration.cs b/Core/Main/PTMagicConfiguration.cs
index 7d29d14..67ae653 100644
--- a/Core/Main/PTMagicConfiguration.cs
+++ b/Core/Main/PTMagicConfiguration.cs
@@ -47,11 +47,6 @@ namespace Core.Main
       AnalyzerSettingsWrapper asw = JsonConvert.DeserializeObject<AnalyzerSettingsWrapper>(File.ReadAllText(basePath + "settings.analyzer.json"));
       _analyzerSettings = asw.AnalyzerSettings;
 
-      if (!_generalSettings.Application.ProfitTrailerPath.EndsWith(Path.DirectorySeparatorChar))
-      {
-        _generalSettings.Application.ProfitTrailerPath += Path.DirectorySeparatorChar;
-      }
-
       if (!_generalSettings.Application.ProfitTrailerMonitorURL.EndsWith("/"))
       {
         _generalSettings.Application.ProfitTrailerMonitorURL += "/";
diff --git a/Monitor/Pages/SettingsGeneral.cshtml b/Monitor/Pages/SettingsGeneral.cshtml
index 64c3783..af32d3c 100644
--- a/Monitor/Pages/SettingsGeneral.cshtml
+++ b/Monitor/Pages/SettingsGeneral.cshtml
@@ -68,12 +68,6 @@
                 </div>
               </div>
 
-              <div class="form-group row">
-                <label class="col-md-4 col-form-label">Profit Trailer Path <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="Path to your Profit Trailer main directory."></i></label>
-                <div class="col-md-8">
-                  @Model.PTMagicConfiguration.GeneralSettings.Application.ProfitTrailerPath
-                </div>
-              </div>
 
               <div class="form-group row">
                 <label class="col-md-4 col-form-label">Profit Trailer License <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="Your Profit Trailer license key (needed to change your settings for PT 2.0 and above)"></i></label>
diff --git a/PTMagic/_defaults/_default_settings_PT_2.x/settings.general.json b/PTMagic/_defaults/_default_settings_PT_2.x/settings.general.json
index e594c7b..eac6cf2 100644
--- a/PTMagic/_defaults/_default_settings_PT_2.x/settings.general.json
+++ b/PTMagic/_defaults/_default_settings_PT_2.x/settings.general.json
@@ -3,7 +3,6 @@
     "Application": {
       "IsEnabled": true, // Enables the PTMagic bot (needs restart to take effect)
       "TestMode": false, // If TestMode is active, no properties files will be changed
-      "ProfitTrailerPath": "YOUR PROFIT TRAILER PATH", // Path to your Profit Trailer main directory (use double backslashes for windows like C:\\ProfitTrailer\\)
       "ProfitTrailerLicense": "YOUR PROFIT TRAILER LICENSE KEY", // Your Profit Trailer license key (needed to change your settings for PT 2.0 and above)
       "ProfitTrailerServerAPIToken": "", //Your Profit Trailer Server API Token
       "ProfitTrailerMonitorURL": "http://localhost:8081/", // The URL to your profit trailer monitor (needed to change your settings for PT 2.0 and above)
diff --git a/_Development/DevSettings/settings.general.json b/_Development/DevSettings/settings.general.json
index bb38a61..33b8405 100644
--- a/_Development/DevSettings/settings.general.json
+++ b/_Development/DevSettings/settings.general.json
@@ -3,7 +3,6 @@
     "Application": {
       "IsEnabled": true, // Enables the PTMagic bot (needs restart to take effect)
       "TestMode": false, // If TestMode is active, no properties files will be changed
-      "ProfitTrailerPath": "YOUR PROFIT TRAILER PATH", // Path to your Profit Trailer main directory (use double backslashes for windows like C:\\ProfitTrailer\\)
       "ProfitTrailerLicense": "YOUR PROFIT TRAILER LICENSE KEY", // Your Profit Trailer license key (needed to change your settings for PT 2.0 and above)
       "ProfitTrailerServerAPIToken": "", //Your Profit Trailer Server API Token
       "ProfitTrailerMonitorURL": "http://localhost:8081/", // The URL to your profit trailer monitor (needed to change your settings for PT 2.0 and above)

From 41a1bc76f7bcfe8c5a4afec3eaa07c6a2a0e09e6 Mon Sep 17 00:00:00 2001
From: HojouFotytu <36724681+HojouFotytu@users.noreply.github.com>
Date: Tue, 23 Feb 2021 13:06:21 +0900
Subject: [PATCH 08/16] Version Increment 2.5.7

---
 PTMagic/Program.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/PTMagic/Program.cs b/PTMagic/Program.cs
index 97e290c..94716b9 100644
--- a/PTMagic/Program.cs
+++ b/PTMagic/Program.cs
@@ -6,7 +6,7 @@ using Core.Helper;
 using Microsoft.Extensions.DependencyInjection;
 
 
-[assembly: AssemblyVersion("2.5.6")]
+[assembly: AssemblyVersion("2.5.7")]
 [assembly: AssemblyProduct("PT Magic")]
 
 namespace PTMagic

From 06ac2e98e175f83ae60385ac1739e2bd982c5a86 Mon Sep 17 00:00:00 2001
From: HojouFotytu <36724681+HojouFotytu@users.noreply.github.com>
Date: Tue, 23 Feb 2021 16:20:51 +0900
Subject: [PATCH 09/16] API Mask & unlock settings

---
 Core/Main/PTMagicConfiguration.cs       | 13 ++++++++-----
 Monitor/Pages/Login.cshtml.cs           |  3 ++-
 Monitor/Pages/SettingsGeneral.cshtml    |  2 +-
 Monitor/Pages/SettingsGeneral.cshtml.cs |  1 -
 Monitor/Pages/_Layout.cshtml            |  2 +-
 5 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/Core/Main/PTMagicConfiguration.cs b/Core/Main/PTMagicConfiguration.cs
index 3033a40..3931664 100644
--- a/Core/Main/PTMagicConfiguration.cs
+++ b/Core/Main/PTMagicConfiguration.cs
@@ -84,14 +84,17 @@ namespace Core.Main
 
       if (!this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Equals(""))
       {
-        result = this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Substring(0, 4);
-
-        for (int i = 1; i < this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Length - 8; i++)
+        int tokenLength = this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Length;
+        if (tokenLength == 1)
+        {
+          result = "*";
+        }
+        else
+        result = this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Substring(0, 1);
+        for (int i = 1; i < this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Length; i++)
         {
           result += "*";
         }
-
-        result += this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Substring(this.GeneralSettings.Application.ProfitTrailerServerAPIToken.Length - 4);
       }
 
       return result;
diff --git a/Monitor/Pages/Login.cshtml.cs b/Monitor/Pages/Login.cshtml.cs
index 6958d1a..44c35c5 100644
--- a/Monitor/Pages/Login.cshtml.cs
+++ b/Monitor/Pages/Login.cshtml.cs
@@ -30,7 +30,8 @@ namespace Monitor.Pages
       if (encryptedPassword.Equals(PTMagicConfiguration.SecureSettings.MonitorPassword))
       {
         HttpContext.Session.SetString("LoggedIn" + PTMagicConfiguration.GeneralSettings.Monitor.Port.ToString(), DateTime.UtcNow.ToString("yyyy'-'MM'-'dd'T'HH':'mm':'ss'.'fff'Z'"));
-
+        PTMagicConfiguration.GeneralSettings.Monitor.IsPasswordProtected = true;
+        PTMagicConfiguration.WriteGeneralSettings();
         if (cbRememberMe != null)
         {
           if (cbRememberMe.Equals("on", StringComparison.InvariantCultureIgnoreCase))
diff --git a/Monitor/Pages/SettingsGeneral.cshtml b/Monitor/Pages/SettingsGeneral.cshtml
index 87caf80..168434d 100644
--- a/Monitor/Pages/SettingsGeneral.cshtml
+++ b/Monitor/Pages/SettingsGeneral.cshtml
@@ -86,7 +86,7 @@
               <div class="form-group row">
                 <label class="col-md-4 col-form-label">Profit Trailer Server API Token <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="The API token needed to communicate with Profit Trailer - set in Profit Trailer Server Settings"></i></label>
                 <div class="col-md-8">
-                  <input type="text" class="form-control" name="Application_ProfitTrailerServerAPIToken" value="@Model.PTMagicConfiguration.GetProfitTrailerServerAPITokenMasked()">
+                  @Model.PTMagicConfiguration.GetProfitTrailerServerAPITokenMasked()
                 </div>
               </div>
 
diff --git a/Monitor/Pages/SettingsGeneral.cshtml.cs b/Monitor/Pages/SettingsGeneral.cshtml.cs
index 7cf9d5c..5a031e3 100644
--- a/Monitor/Pages/SettingsGeneral.cshtml.cs
+++ b/Monitor/Pages/SettingsGeneral.cshtml.cs
@@ -71,7 +71,6 @@ namespace Monitor.Pages
       PTMagicConfiguration.GeneralSettings.Application.StartBalance = SystemHelper.TextToDouble(HttpContext.Request.Form["Application_StartBalance"], PTMagicConfiguration.GeneralSettings.Application.StartBalance, "en-US");
       PTMagicConfiguration.GeneralSettings.Application.ProfitTrailerDefaultSettingName = HttpContext.Request.Form["Application_ProfitTrailerDefaultSettingName"];
 
-      PTMagicConfiguration.GeneralSettings.Application.ProfitTrailerServerAPIToken = HttpContext.Request.Form["Application_ProfitTrailerServerAPIToken"];
       PTMagicConfiguration.GeneralSettings.Application.TimezoneOffset = HttpContext.Request.Form["Application_TimezoneOffset"];
       PTMagicConfiguration.GeneralSettings.Application.MainFiatCurrency = HttpContext.Request.Form["Application_MainFiatCurrency"];
       
diff --git a/Monitor/Pages/_Layout.cshtml b/Monitor/Pages/_Layout.cshtml
index ccc4465..8096a29 100644
--- a/Monitor/Pages/_Layout.cshtml
+++ b/Monitor/Pages/_Layout.cshtml
@@ -107,7 +107,7 @@
               </li>
             } else {
               <li>
-                <a data-toggle="tooltip" data-placement="top" title="Settings menu is only accessible when you protect your monitor with a password!"><i class="fa fa-lock text-danger"></i> <span> Settings</span></a>
+                <a href="@Html.Raw(Model.PTMagicConfiguration.GeneralSettings.Monitor.RootUrl)Login"  data-toggle="tooltip" data-placement="top" title="Settings menu is only accessible when you protect your monitor with a password!"><i class="fa fa-lock text-danger"></i> <span> Settings</span></a>
               </li>
             }
 

From 3a250132b33822047517fa33ed0a694d05dbb2f1 Mon Sep 17 00:00:00 2001
From: djbadders <34887832+djbadders@users.noreply.github.com>
Date: Tue, 23 Feb 2021 21:27:42 +0000
Subject: [PATCH 10/16] Improvement to the security to clear any content from
 the rendering pipeline before redirect

---
 Monitor/_Internal/BasePageModelSecure.cs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/Monitor/_Internal/BasePageModelSecure.cs b/Monitor/_Internal/BasePageModelSecure.cs
index 080b8ef..d0a2917 100644
--- a/Monitor/_Internal/BasePageModelSecure.cs
+++ b/Monitor/_Internal/BasePageModelSecure.cs
@@ -1,4 +1,5 @@
-using System;
+using System.Net;
+using System;
 using Microsoft.AspNetCore.Http;
 using Core.Main;
 using Core.Helper;
@@ -27,7 +28,8 @@ namespace Monitor._Internal
       // Security check
       if (!IsLoggedIn(this.HttpContext))
       {
-        HttpContext.Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + _redirectUrl);
+        this.HttpContext.Response.Clear();
+        this.HttpContext.Response.Redirect(PTMagicConfiguration.GeneralSettings.Monitor.RootUrl + _redirectUrl);        
       }
     }
 

From b86aa273ee3997bc2ee5560f65affc1c82d1d08b Mon Sep 17 00:00:00 2001
From: HojouFotytu <36724681+HojouFotytu@users.noreply.github.com>
Date: Sat, 27 Feb 2021 15:05:12 +0900
Subject: [PATCH 11/16] password check path

---
 Monitor/Pages/SetupPassword.cshtml    | 2 +-
 Monitor/Pages/SetupPassword.cshtml.cs | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Monitor/Pages/SetupPassword.cshtml b/Monitor/Pages/SetupPassword.cshtml
index e99989b..7561630 100644
--- a/Monitor/Pages/SetupPassword.cshtml
+++ b/Monitor/Pages/SetupPassword.cshtml
@@ -17,7 +17,7 @@
   <div class="p-20">
     <form class="form-horizontal m-t-20" method="post">
 
-      @if (System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json"))
+      @if (System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "/settings.secure.json"))
       {
         <div class="form-group">
           <div class="col-12">
diff --git a/Monitor/Pages/SetupPassword.cshtml.cs b/Monitor/Pages/SetupPassword.cshtml.cs
index 54e75c9..8d83132 100644
--- a/Monitor/Pages/SetupPassword.cshtml.cs
+++ b/Monitor/Pages/SetupPassword.cshtml.cs
@@ -27,7 +27,7 @@ namespace Monitor.Pages
       {
           encryptedOldPassword = EncryptionHelper.Encrypt(OldPassword);
 
-          if (!Password.Equals(PasswordConfirm) || !encryptedOldPassword.Equals(PTMagicConfiguration.SecureSettings.MonitorPassword) && System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json"))
+          if (!Password.Equals(PasswordConfirm) || !encryptedOldPassword.Equals(PTMagicConfiguration.SecureSettings.MonitorPassword) && System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "/settings.secure.json"))
           {
             ValidationMessage = "Old Password wrong or new Password does not match with confirmation";
           }
@@ -40,7 +40,7 @@ namespace Monitor.Pages
       }
       else
       {
-          if (!Password.Equals(PasswordConfirm) && !System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "settings.secure.json"))
+          if (!Password.Equals(PasswordConfirm) && !System.IO.File.Exists(System.IO.Directory.GetCurrentDirectory().Split("Monitor")[0] + "/settings.secure.json"))
           {
             ValidationMessage = "New Password does not match with confirmation";
           }

From 32e81be070c3968391c0f50aaffdce2a5bc1902c Mon Sep 17 00:00:00 2001
From: HojouFotytu <36724681+HojouFotytu@users.noreply.github.com>
Date: Sat, 27 Feb 2021 15:39:27 +0900
Subject: [PATCH 12/16] change password link

---
 Monitor/Pages/SettingsGeneral.cshtml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Monitor/Pages/SettingsGeneral.cshtml b/Monitor/Pages/SettingsGeneral.cshtml
index 168434d..db324b3 100644
--- a/Monitor/Pages/SettingsGeneral.cshtml
+++ b/Monitor/Pages/SettingsGeneral.cshtml
@@ -165,7 +165,7 @@
               <div class="form-group row">
                 <label class="col-md-4 col-form-label">Is Password Protected <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="Defines if your monitor will be asking to setup a password on its first start."></i></label>
                 <div class="col-md-8">
-                  <input type="checkbox" name="Monitor_IsPasswordProtected" checked="@(Model.PTMagicConfiguration.GeneralSettings.Monitor.IsPasswordProtected)" data-plugin="switchery" data-color="#81c868" data-size="small" />
+                  <input type="checkbox" name="Monitor_IsPasswordProtected" checked="@(Model.PTMagicConfiguration.GeneralSettings.Monitor.IsPasswordProtected)" data-plugin="switchery" data-color="#81c868" data-size="small" /><a href="@Html.Raw(Model.PTMagicConfiguration.GeneralSettings.Monitor.RootUrl)SetupPassword" label class="col-md-4 col-form-label">(Change Password)</a> <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="Change the password required to log in, and view the settings pages"></i></label>
                 </div>
               </div>
 

From c0248f4de073b0312094f6a3f44665ed054fae28 Mon Sep 17 00:00:00 2001
From: HojouFotytu <36724681+HojouFotytu@users.noreply.github.com>
Date: Sun, 28 Feb 2021 13:00:57 +0900
Subject: [PATCH 13/16] password enabled comment

---
 Monitor/Pages/SettingsGeneral.cshtml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Monitor/Pages/SettingsGeneral.cshtml b/Monitor/Pages/SettingsGeneral.cshtml
index db324b3..78d0028 100644
--- a/Monitor/Pages/SettingsGeneral.cshtml
+++ b/Monitor/Pages/SettingsGeneral.cshtml
@@ -163,7 +163,7 @@
             </div>
             <div id="collapse2" class="panel-collapse collapse">
               <div class="form-group row">
-                <label class="col-md-4 col-form-label">Is Password Protected <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="Defines if your monitor will be asking to setup a password on its first start."></i></label>
+                <label class="col-md-4 col-form-label">Is Password Protected <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="A password is required to view and edit settings via the GUI."></i></label>
                 <div class="col-md-8">
                   <input type="checkbox" name="Monitor_IsPasswordProtected" checked="@(Model.PTMagicConfiguration.GeneralSettings.Monitor.IsPasswordProtected)" data-plugin="switchery" data-color="#81c868" data-size="small" /><a href="@Html.Raw(Model.PTMagicConfiguration.GeneralSettings.Monitor.RootUrl)SetupPassword" label class="col-md-4 col-form-label">(Change Password)</a> <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="Change the password required to log in, and view the settings pages"></i></label>
                 </div>

From f9a5ba2adcb6cd9210f4d28420332aba5c5c168d Mon Sep 17 00:00:00 2001
From: HojouFotytu <36724681+HojouFotytu@users.noreply.github.com>
Date: Sun, 28 Feb 2021 13:04:28 +0900
Subject: [PATCH 14/16] CMC & FCC comments

---
 Monitor/Pages/SettingsGeneral.cshtml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Monitor/Pages/SettingsGeneral.cshtml b/Monitor/Pages/SettingsGeneral.cshtml
index 78d0028..bd8a46a 100644
--- a/Monitor/Pages/SettingsGeneral.cshtml
+++ b/Monitor/Pages/SettingsGeneral.cshtml
@@ -133,14 +133,14 @@
               </div>
 
               <div class="form-group row">
-                <label class="col-md-4 col-form-label">CoinMarketCap API Key <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="The API Key that will be used to get Coin Data from CoinMarketCap."></i></label>
+                <label class="col-md-4 col-form-label">CoinMarketCap API Key <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="The API Key that will be used to get Coin Data from CoinMarketCap (optional)."></i></label>
                 <div class="col-md-8">
                   <input type="text" class="form-control" name="Application_CoinMarketCapAPIKey" value="@Model.PTMagicConfiguration.GeneralSettings.Application.CoinMarketCapAPIKey">
                 </div>
               </div>
 
               <div class="form-group row">
-                <label class="col-md-4 col-form-label">FreeCurrencyConverter API Key <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="The api key needed for currency conversions for non-USD currency users."></i></label>
+                <label class="col-md-4 col-form-label">FreeCurrencyConverter API Key <i class="fa fa-info-circle text-muted" data-toggle="tooltip" data-placement="top" title="The api key needed for currency conversions for non-USD currency users (optional)."></i></label>
                 <div class="col-md-8">
                   <input type="text" class="form-control" name="Application_FreeCurrencyConverterAPIKey" value="@Model.PTMagicConfiguration.GeneralSettings.Application.FreeCurrencyConverterAPIKey">
                 </div>

From 7d91a6e0184ff3f774fbc26b9a839e7f24d53059 Mon Sep 17 00:00:00 2001
From: djbadders <34887832+djbadders@users.noreply.github.com>
Date: Sun, 28 Feb 2021 12:45:10 +0000
Subject: [PATCH 15/16] Update git ignore file to ignore monitor/tmp folder

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index 4d8e3fb..2ff4838 100644
--- a/.gitignore
+++ b/.gitignore
@@ -11,6 +11,7 @@ LocalProfitTrailer
 PTMagic/settings.*
 Monitor/appsettings.json
 Monitor/Monitor
+Monitor/tmp
 Release/
 
 

From 1080f37377c58eff9c4a7c2dec973023d8848e45 Mon Sep 17 00:00:00 2001
From: djbadders <34887832+djbadders@users.noreply.github.com>
Date: Sun, 28 Feb 2021 14:47:23 +0000
Subject: [PATCH 16/16] Fixed TradingView links

---
 Core/Helper/SystemHelper.cs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Core/Helper/SystemHelper.cs b/Core/Helper/SystemHelper.cs
index dcb2f79..e3836ba 100644
--- a/Core/Helper/SystemHelper.cs
+++ b/Core/Helper/SystemHelper.cs
@@ -542,7 +542,7 @@ namespace Core.Helper
         }
         else
         {
-          result = "https://uk.tradingview.com/?symbol=" + exchange.ToUpper() + ":" + market.ToUpper();
+          result = "https://uk.tradingview.com/chart/?symbol=" + exchange.ToUpper() + ":" + market.ToUpper();
         }
       }
       else