I want to avoid a process that occurs every time the time frame is changed.

New comment
 

Hello, I am creating an indicator that uses HTTP requests in the Oninit() function to perform web authentication. This indicator, which is planned for sale, requires a reasonably strict authentication process.
The issue I am facing is that "Oninit() is triggered again when the time frame is changed, leading to repeated web authentication." I would like to avoid this repeated web authentication.

The desired behavior is to perform authentication only once when the terminal is restarted or when the indicator is applied to the chart for the first time.
Then, the web authentication should only occur again in two scenarios: when the date changes or when the terminal is restarted.

It's worth noting that I am using the Post function from the restmql_x64.dll obtained from GitHub, rather than the built-in WebRequest().
Here is the code for restmql_x64.dll in C#:

using System;
using System.Net.Http;
using System.Runtime.InteropServices;
namespace Cyrus.Mql5
{
    public class RestMQL
    {
        [DllExport("Get", CallingConvention = CallingConvention.StdCall)]
        [return: MarshalAs(UnmanagedType.LPTStr)]
        public static string Get([In, MarshalAs(UnmanagedType.LPTStr)] string url)
        {
            using (var httpClient = new HttpClient())
            {
                var response = httpClient.GetStringAsync(new Uri(url)).Result;

                return response;
            }
        }

        [DllExport("Post", CallingConvention = CallingConvention.StdCall)]
        [return: MarshalAs(UnmanagedType.LPTStr)]
        public static string Post([In, MarshalAs(UnmanagedType.LPTStr)] string url, [In, MarshalAs(UnmanagedType.LPTStr)] string data)
        {
            using (var httpClient = new HttpClient())
            {

               var response = httpClient.PostAsync(new Uri(url), new StringContent(data));

               return response.Result.Content.ReadAsStringAsync().Result;
            }
        }
    }
}

Due to the nature of the indicator, where time frames are frequently changed, usability is significantly compromised.


I have considered two possible solutions, but both seem to have vulnerabilities, making it easy to bypass authentication:

  1. Avoid web authentication in Oninit() and perform it in OnTimer() after a delay (e.g., 5 minutes). → This may be bypassed by reapplying the indicator within the 5-minute.

  2. Use global variables in the terminal and skip authentication when there is a time frame change. → This can be easily bypassed if users prepare the necessary global variables in advance.


If you have any solutions or need additional information for a more accurate response, please let me know.

Thank you for your assistance.

GitHub - cyrus13/rest-mql: A REST library for MQL5. Comprises of a C# dll that deals with the REST communication and an MQL5 sample project.
GitHub - cyrus13/rest-mql: A REST library for MQL5. Comprises of a C# dll that deals with the REST communication and an MQL5 sample project.
  • cyrus13
  • github.com
It's a REST library for MQL5. Comprises of a C# dll that deals with the REST communication and an MQL5 sample project. There are numerous examples to call REST API using MQL without a dll. But these examples do not work with backtesting. As a result if you have a functionality in your Expert Advisor (e.g. do not trade during market news) and...
 
vows.ingenue_0j: I want to avoid a process that occurs every time the time frame is changed.

The only thing “that occurs” is a deinit/init cycle. EAs are not reloaded.

 
William Roeder #:

The only thing “that occurs” is a deinit/init cycle. EAs are not reloaded.

@William Roeder
Thank you for your response.

I understand that avoiding the deinit/oninit cycle is inevitable, but I want to prevent the frequent occurrence of the web authentication process that follows.
I would like to implement a method where the indicator recognizes the recent time frame change and avoids web authentication by setting an encrypted numerical value in a global variable or creating a file in an inconspicuous location using WinAPI.

However, to prevent users from tampering with the values or files and to avoid their pre-creation, I thought about implementing a method to generate a different cryptographic value each time and decrypt it. Is there a means to achieve this?

Whether using a hash value in the variable name of a Global variable or using an encrypted numerical value in its content, it would be ideal if the encryption could only be generated and decrypted by the indicator.
Additionally, ensuring that variable names and values are different each time would allow for determining whether to perform web authentication.


Thank you for your support. I appreciate your assistance with this matter.

New comment