Merge branch 'main' of github.com:ghostfolio/ghostfolio

Feature/extend AI prompt API by mode (#4395 )
* Extend AI prompt API by mode * Update changelog
2025-03-07 12:00:54 -08:00 · 2025-03-07 19:48:52 +01:00 · 2025-03-07 19:48:03 +01:00 · 2025-03-06 00:00:53 -08:00 · 2025-03-06 08:14:23 +01:00 · 2025-03-06 08:11:56 +01:00
1205 changed files with 179129 additions and 52662 deletions
--- a/.env.dev
+++ b/.env.dev
@ -0,0 +1,25 @@
+COMPOSE_PROJECT_NAME=ghostfolio-development
+
+# CACHE
+REDIS_HOST=localhost
+REDIS_PORT=6379
+REDIS_PASSWORD=<INSERT_REDIS_PASSWORD>
+
+# POSTGRES
+POSTGRES_DB=ghostfolio-db
+POSTGRES_USER=user
+POSTGRES_PASSWORD=<INSERT_POSTGRES_PASSWORD>
+
+# VARIOUS
+ACCESS_TOKEN_SALT=<INSERT_RANDOM_STRING>
+DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:5432/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer
+JWT_SECRET_KEY=<INSERT_RANDOM_STRING>
+
+# DEVELOPMENT
+
+# Nx 18 enables using plugins to infer targets by default
+# This is disabled for existing workspaces to maintain compatibility
+# For more info, see: https://nx.dev/concepts/inferred-tasks
+NX_ADD_PLUGINS=false
+
+NX_NATIVE_COMMAND_RUNNER=false
--- a/.env.example
+++ b/.env.example
@ -1,7 +1,7 @@
-COMPOSE_PROJECT_NAME=ghostfolio-development
+COMPOSE_PROJECT_NAME=ghostfolio

 # CACHE
-REDIS_HOST=localhost
+REDIS_HOST=redis
 REDIS_PORT=6379
 REDIS_PASSWORD=<INSERT_REDIS_PASSWORD>

@ -10,7 +10,7 @@ POSTGRES_DB=ghostfolio-db
 POSTGRES_USER=user
 POSTGRES_PASSWORD=<INSERT_POSTGRES_PASSWORD>

+# VARIOUS
 ACCESS_TOKEN_SALT=<INSERT_RANDOM_STRING>
-ALPHA_VANTAGE_API_KEY=
-DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:5432/${POSTGRES_DB}?sslmode=prefer
+DATABASE_URL=postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@postgres:5432/${POSTGRES_DB}?connect_timeout=300&sslmode=prefer
 JWT_SECRET_KEY=<INSERT_RANDOM_STRING>
--- a/.eslintrc.json
+++ b/.eslintrc.json
@ -1,117 +0,0 @@
-{
-  "root": true,
-  "ignorePatterns": ["**/*"],
-  "plugins": ["@nrwl/nx"],
-  "overrides": [
-    {
-      "files": ["*.ts", "*.tsx", "*.js", "*.jsx"],
-      "rules": {
-        "@nrwl/nx/enforce-module-boundaries": [
-          "error",
-          {
-            "enforceBuildableLibDependency": true,
-            "allow": [],
-            "depConstraints": [
-              {
-                "sourceTag": "*",
-                "onlyDependOnLibsWithTags": ["*"]
-              }
-            ]
-          }
-        ]
-      }
-    },
-    {
-      "files": ["*.ts", "*.tsx"],
-      "extends": ["plugin:@nrwl/nx/typescript"],
-      "rules": {}
-    },
-    {
-      "files": ["*.js", "*.jsx"],
-      "extends": ["plugin:@nrwl/nx/javascript"],
-      "rules": {}
-    },
-    {
-      "files": ["*.ts"],
-      "plugins": ["eslint-plugin-import", "@typescript-eslint"],
-      "rules": {
-        "@typescript-eslint/consistent-type-definitions": "error",
-        "@typescript-eslint/dot-notation": "off",
-        "@typescript-eslint/explicit-member-accessibility": [
-          "off",
-          {
-            "accessibility": "explicit"
-          }
-        ],
-        "@typescript-eslint/member-ordering": "error",
-        "@typescript-eslint/naming-convention": "off",
-        "@typescript-eslint/no-empty-function": "off",
-        "@typescript-eslint/no-empty-interface": "error",
-        "@typescript-eslint/no-inferrable-types": [
-          "error",
-          {
-            "ignoreParameters": true
-          }
-        ],
-        "@typescript-eslint/no-misused-new": "error",
-        "@typescript-eslint/no-non-null-assertion": "error",
-        "@typescript-eslint/no-shadow": [
-          "error",
-          {
-            "hoist": "all"
-          }
-        ],
-        "@typescript-eslint/no-unused-expressions": "error",
-        "@typescript-eslint/prefer-function-type": "error",
-        "@typescript-eslint/unified-signatures": "error",
-        "arrow-body-style": "off",
-        "constructor-super": "error",
-        "eqeqeq": ["error", "smart"],
-        "guard-for-in": "error",
-        "id-blacklist": "off",
-        "id-match": "off",
-        "import/no-deprecated": "warn",
-        "no-bitwise": "error",
-        "no-caller": "error",
-        "no-console": [
-          "error",
-          {
-            "allow": [
-              "log",
-              "warn",
-              "dir",
-              "timeLog",
-              "assert",
-              "clear",
-              "count",
-              "countReset",
-              "group",
-              "groupEnd",
-              "table",
-              "dirxml",
-              "error",
-              "groupCollapsed",
-              "Console",
-              "profile",
-              "profileEnd",
-              "timeStamp",
-              "context"
-            ]
-          }
-        ],
-        "no-debugger": "error",
-        "no-empty": "off",
-        "no-eval": "error",
-        "no-fallthrough": "error",
-        "no-new-wrappers": "error",
-        "no-restricted-imports": ["error", "rxjs/Rx"],
-        "no-throw-literal": "error",
-        "no-undef-init": "error",
-        "no-underscore-dangle": "off",
-        "no-var": "error",
-        "prefer-const": "error",
-        "radix": "error"
-      }
-    }
-  ]
-}
--- a/.github/ISSUE_TEMPLATE/bug_report.md
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@ -6,7 +6,13 @@ labels: ''
 assignees: ''
 ---

-The Issue tracker is **ONLY** used for reporting bugs. New features should be discussed on our [Slack channel](https://ghostfolio.slack.com) or in [Discussions](https://github.com/ghostfolio/ghostfolio/discussions).
+**Important Notice**
+
+The issue tracker is **ONLY** used for reporting bugs. New features should be discussed in our [Slack](https://join.slack.com/t/ghostfolio/shared_invite/zt-vsaan64h-F_I0fEo5M0P88lP9ibCxFg) community or in [Discussions](https://github.com/ghostfolio/ghostfolio/discussions).
+
+Incomplete or non-reproducible issues may be closed, but we are here to help! If you encounter difficulties reproducing the bug or need assistance, please reach out to our community channels mentioned above.
+
+Thank you for your understanding and cooperation!

 **Bug Description**

@ -20,7 +26,7 @@ The Issue tracker is **ONLY** used for reporting bugs. New features should be di
 2.
 3.

-**Expected behavior**
+**Expected Behavior**

 <!-- A clear and concise description of what you expected to happen. -->

@ -37,9 +43,11 @@ The Issue tracker is **ONLY** used for reporting bugs. New features should be di
 <!-- Please complete the following information -->

 - Ghostfolio Version X.Y.Z
+- Cloud or Self-hosted
+- Experimental Features enabled or disabled
 - Browser
 - OS

-**Additional context**
+**Additional Context**

 <!-- Add any other context about the problem here. -->
--- a/.github/workflows/build-code.yml
+++ b/.github/workflows/build-code.yml
@ -1,36 +0,0 @@
-name: Build code
-
-on:
-  pull_request:
-  workflow_dispatch:
-
-jobs:
-  build:
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        node_version:
-          - 16
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 0
-
-      - name: Use Node.js ${{ matrix.node_version }}
-        uses: actions/setup-node@v3
-        with:
-          node-version: ${{ matrix.node_version }}
-          cache: 'yarn'
-
-      - name: Install dependencies
-        run: yarn install --frozen-lockfile
-
-      - name: Check formatting
-        run: yarn format:check
-
-      - name: Execute tests
-        run: yarn test
-
-      - name: Build application
-        run: yarn build:all
--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@ -4,24 +4,25 @@ on:
  push:
    tags:
      - '*.*.*'
+    branches:
+      - 'main'
  pull_request:
    branches:
      - 'main'
+  workflow_dispatch:

 jobs:
  build_and_push:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4

-      - name: Docker metadata
+      - name: Get Meta
        id: meta
-        uses: docker/metadata-action@v4
-        with:
-          images: ghostfolio/ghostfolio
-          tags: |
-            type=semver,pattern={{version}}
+        run: |
+          echo REPO_NAME=$(echo ${GITHUB_REPOSITORY} | awk -F"/" '{print $2}') >> $GITHUB_OUTPUT
+          echo REPO_VERSION=$(git describe --tags --always | sed 's/^v//') >> $GITHUB_OUTPUT

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v2
@ -34,16 +35,35 @@ jobs:
        if: github.event_name != 'pull_request'
        uses: docker/login-action@v2
        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+          registry: gitea.suda.codes
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}

      - name: Build and push
        uses: docker/build-push-action@v3
        with:
          context: .
-          platforms: linux/amd64,linux/arm/v7,linux/arm64
+          # platforms: linux/amd64,linux/arm/v7,linux/arm64
+          platforms: linux/amd64
          push: ${{ github.event_name != 'pull_request' }}
-          tags: ${{ steps.meta.outputs.tags }}
-          labels: ${{ steps.meta.output.labels }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+          tags: |
+            gitea.suda.codes/sudacode/${{ steps.meta.outputs.REPO_NAME }}:${{ steps.meta.outputs.REPO_VERSION }}
+            gitea.suda.codes/sudacode/${{ steps.meta.outputs.REPO_NAME }}:latest
+          cache-from: type=local,src=${{ runner.temp }}/.buildx-cache
+          cache-to: type=local,dest=${{ runner.temp }}/.buildx-cache-new,mode=max
+
+      - # Temp fix
+        # https://github.com/docker/build-push-action/issues/252
+        # https://github.com/moby/buildkit/issues/1896
+        name: Move cache
+        run: |
+          rm -rf ${{ runner.temp }}/.buildx-cache
+          mv ${{ runner.temp }}/.buildx-cache-new ${{ runner.temp }}/.buildx-cache
+
+      - name: Invoke deployment hook
+        uses: distributhor/workflow-webhook@v3
+        with:
+          webhook_url: ${{ secrets.WEBHOOK_URL }}
+          webhook_auth: ${{ secrets.WEBHOOK_AUTH }}
+          webhook_secret: ${{ secrets.WEBHOOK_SECRET }}
+          webhook_auth_type: bearer
--- a/.gitignore
+++ b/.gitignore
@ -1,12 +1,14 @@
 # See http://help.github.com/ignore-files/ for more about ignoring files.

+scripts/*
+
 # compiled output
 /out-tsc
 /tmp

 # dependencies
-/.yarn
 /node_modules
+npm-debug.log

 # IDEs and editors
 /.idea
@ -27,15 +29,15 @@
 /.angular/cache
 .env
 .env.prod
+.nx/cache
+.nx/workspace-data
 /.sass-cache
 /connect.lock
 /coverage
 /dist
 /libpeerconnection.log
-npm-debug.log
 testem.log
 /typings
-yarn-error.log

 # System Files
 .DS_Store
--- a/.husky/pre-commit
+++ b/.husky/pre-commit
@ -0,0 +1,6 @@
+# Run linting and stop the commit process if any errors are found
+# --quiet suppresses warnings (temporary until all warnings are fixed)
+npm run affected:lint --base=main --head=HEAD --parallel=2 --quiet || exit 1
+
+# Check formatting on modified and uncommitted files, stop the commit if issues are found
+npm run format:check --uncommitted || exit 1
--- a/.nvmrc
+++ b/.nvmrc
@ -1 +1 @@
-v16
+v20
--- a/.prettierignore
+++ b/.prettierignore
@ -1,2 +1,5 @@
+/.nx/cache
+/.nx/workspace-data
+/apps/client/src/polyfills.ts
 /dist
 /test/import
--- a/.prettierrc
+++ b/.prettierrc
@ -9,6 +9,26 @@
  ],
  "attributeSort": "ASC",
  "endOfLine": "auto",
+  "importOrder": ["^@ghostfolio/(.*)$", "<THIRD_PARTY_MODULES>", "^[./]"],
+  "importOrderSeparation": true,
+  "overrides": [
+    {
+      "files": "*.html",
+      "options": {
+        "parser": "angular"
+      }
+    },
+    {
+      "files": "*.ts",
+      "options": {
+        "importOrderParserPlugins": ["decorators-legacy", "typescript"]
+      }
+    }
+  ],
+  "plugins": [
+    "prettier-plugin-organize-attributes",
+    "@trivago/prettier-plugin-sort-imports"
+  ],
  "printWidth": 80,
  "singleQuote": true,
  "tabWidth": 2,
--- a/.storybook/main.js
+++ b/.storybook/main.js
@ -1,8 +0,0 @@
-module.exports = {
-  // uncomment the property below if you want to apply some webpack config globally
-  // webpackFinal: async (config, { configType }) => {
-  //   // Make whatever fine-grained changes you need that should apply to all storybook configs
-  //   // Return the altered config
-  //   return config;
-  // },
-};
--- a/.storybook/tsconfig.json
+++ b/.storybook/tsconfig.json
@ -1,10 +0,0 @@
-{
-  "extends": "../tsconfig.base.json",
-  "exclude": [
-    "../**/*.spec.js",
-    "../**/*.spec.ts",
-    "../**/*.spec.tsx",
-    "../**/*.spec.jsx"
-  ],
-  "include": ["../**/*"]
-}
--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@ -2,32 +2,33 @@
  "version": "0.2.0",
  "configurations": [
    {
-      "name": "Debug Jest File",
-      "type": "node",
-      "request": "launch",
-      "program": "${workspaceFolder}/node_modules/@nrwl/cli/bin/nx",
      "args": [
        "test",
        "--codeCoverage=false",
        "--testFile=${workspaceFolder}/apps/api/src/app/portfolio/portfolio-calculator-novn-buy-and-sell.spec.ts"
      ],
+      "console": "internalConsole",
      "cwd": "${workspaceFolder}",
-      "console": "internalConsole"
+      "name": "Debug Jest",
+      "program": "${workspaceFolder}/node_modules/@nrwl/cli/bin/nx",
+      "request": "launch",
+      "type": "node"
    },
    {
-      "envFile": "${workspaceFolder}/.env",
-      "type": "node",
-      "request": "launch",
-      "name": "Launch Program",
-      "program": "${workspaceFolder}/apps/api/src/main.ts",
-      "runtimeArgs": ["--nolazy", "-r", "ts-node/register"],
-      "outFiles": ["${workspaceFolder}/dist/apps/api/**/*.js"],
      "autoAttachChildProcesses": true,
+      "console": "integratedTerminal",
+      "cwd": "${workspaceFolder}/apps/api",
+      "envFile": "${workspaceFolder}/.env",
+      "name": "Debug API",
+      "outFiles": ["${workspaceFolder}/dist/apps/api/**/*.js"],
+      "program": "${workspaceFolder}/apps/api/src/main.ts",
+      "request": "launch",
+      "runtimeArgs": ["--nolazy", "-r", "ts-node/register"],
      "skipFiles": [
        "${workspaceFolder}/node_modules/**/*.js",
        "<node_internals>/**/*.js"
      ],
-      "console": "integratedTerminal"
+      "type": "node"
    }
  ]
 }
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@ -1,4 +1,7 @@
 {
  "editor.defaultFormatter": "esbenp.prettier-vscode",
-  "editor.formatOnSave": true
+  "editor.formatOnSave": true,
+  "vim.highlightedyank.enable": true,
+  "vim.hlsearch": true,
+  "vim.leader": "<space>", 
 }
--- a/.yarnrc
+++ b/.yarnrc
@ -1 +0,0 @@
-network-timeout 600000
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
--- a/DEVELOPMENT.md
+++ b/DEVELOPMENT.md
@ -1,5 +1,65 @@
 # Ghostfolio Development Guide

+## Development Environment
+
+### Prerequisites
+
+- [Docker](https://www.docker.com/products/docker-desktop)
+- [Node.js](https://nodejs.org/en/download) (version 20+)
+- Create a local copy of this Git repository (clone)
+- Copy the file `.env.dev` to `.env` and populate it with your data (`cp .env.dev .env`)
+
+### Setup
+
+1. Run `npm install`
+1. Run `docker compose -f docker/docker-compose.dev.yml up -d` to start [PostgreSQL](https://www.postgresql.org) and [Redis](https://redis.io)
+1. Run `npm run database:setup` to initialize the database schema
+1. Start the [server](#start-server) and the [client](#start-client)
+1. Open https://localhost:4200/en in your browser
+1. Create a new user via _Get Started_ (this first user will get the role `ADMIN`)
+
+### Start Server
+
+#### Debug
+
+Run `npm run watch:server` and click _Debug API_ in [Visual Studio Code](https://code.visualstudio.com)
+
+#### Serve
+
+Run `npm run start:server`
+
+### Start Client
+
+Run `npm run start:client` and open https://localhost:4200/en in your browser
+
+### Start _Storybook_
+
+Run `npm run start:storybook`
+
+### Migrate Database
+
+With the following command you can keep your database schema in sync:
+
+```bash
+npm run database:push
+```
+
+## Testing
+
+Run `npm test`
+
+## Experimental Features
+
+New functionality can be enabled using a feature flag switch from the user settings.
+
+### Backend
+
+Remove permission in `UserService` using `without()`
+
+### Frontend
+
+Use `@if (user?.settings?.isExperimentalFeatures) {}` in HTML template
+
 ## Git

 ### Rebase
@ -8,18 +68,36 @@

 ## Dependencies

+### Angular
+
+#### Upgrade (minor versions)
+
+1. Run `npx npm-check-updates --upgrade --target "minor" --filter "/@angular.*/"`
+
 ### Nx

 #### Upgrade

-1. Run `yarn nx migrate latest`
-1. Make sure `package.json` changes make sense and then run `yarn install`
-1. Run `yarn nx migrate --run-migrations`
+1. Run `npx nx migrate latest`
+1. Make sure `package.json` changes make sense and then run `npm install`
+1. Run `npx nx migrate --run-migrations`

 ### Prisma

-#### Create schema migration (local)
+#### Access database via GUI

-Run `yarn prisma migrate dev --name added_job_title`
+Run `npm run database:gui`
+
+https://www.prisma.io/studio
+
+#### Synchronize schema with database for prototyping
+
+Run `npm run database:push`
+
+https://www.prisma.io/docs/concepts/components/prisma-migrate/db-push
+
+#### Create schema migration
+
+Run `npm run prisma migrate dev --name added_job_title`

 https://www.prisma.io/docs/concepts/components/prisma-migrate#getting-started-with-prisma-migrate
--- a/62
+++ b/62
@ -1,61 +1,67 @@
-FROM --platform=$BUILDPLATFORM node:16-slim as builder
+FROM --platform=$BUILDPLATFORM node:20-slim AS builder

 # Build application and add additional files
 WORKDIR /ghostfolio

+RUN apt-get update && apt-get install -y --no-install-suggests \
+  g++ \
+  git \
+  make \
+  openssl \
+  python3 \
+  && rm -rf /var/lib/apt/lists/*
+
 # Only add basic files without the application itself to avoid rebuilding
 # layers when files (package.json etc.) have not changed
 COPY ./CHANGELOG.md CHANGELOG.md
 COPY ./LICENSE LICENSE
 COPY ./package.json package.json
-COPY ./yarn.lock yarn.lock
-COPY ./.yarnrc .yarnrc
+COPY ./package-lock.json package-lock.json
 COPY ./prisma/schema.prisma prisma/schema.prisma

-RUN apt update && apt install -y \
-    git \
-    g++ \
-    make \
-    openssl \
-    python3 \
-    && rm -rf /var/lib/apt/lists/*
-RUN yarn install
+RUN npm install

 # See https://github.com/nrwl/nx/issues/6586 for further details
 COPY ./decorate-angular-cli.js decorate-angular-cli.js
 RUN node decorate-angular-cli.js

-COPY ./nx.json nx.json
-COPY ./replace.build.js replace.build.js
-COPY ./jest.preset.js jest.preset.js
-COPY ./jest.config.ts jest.config.ts
-COPY ./tsconfig.base.json tsconfig.base.json
-COPY ./libs libs
 COPY ./apps apps
+COPY ./libs libs
+COPY ./jest.config.ts jest.config.ts
+COPY ./jest.preset.js jest.preset.js
+COPY ./nx.json nx.json
+COPY ./replace.build.mjs replace.build.mjs
+COPY ./tsconfig.base.json tsconfig.base.json

-RUN yarn build:all
+RUN npm run build:production

 # Prepare the dist image with additional node_modules
 WORKDIR /ghostfolio/dist/apps/api
 # package.json was generated by the build process, however the original
-# yarn.lock needs to be used to ensure the same versions
-COPY ./yarn.lock /ghostfolio/dist/apps/api/yarn.lock
+# package-lock.json needs to be used to ensure the same versions
+COPY ./package-lock.json /ghostfolio/dist/apps/api/package-lock.json

-RUN yarn
+RUN npm install
 COPY prisma /ghostfolio/dist/apps/api/prisma

 # Overwrite the generated package.json with the original one to ensure having
 # all the scripts
 COPY package.json /ghostfolio/dist/apps/api
-RUN yarn database:generate-typings
+RUN npm run database:generate-typings

 # Image to run, copy everything needed from builder
-FROM node:16-slim
-RUN apt update && apt install -y \
-    openssl \
-    && rm -rf /var/lib/apt/lists/*
+FROM node:20-slim
+LABEL org.opencontainers.image.source="https://github.com/ghostfolio/ghostfolio"
+ENV NODE_ENV=production

-COPY --from=builder /ghostfolio/dist/apps /ghostfolio/apps
+RUN apt-get update && apt-get install -y --no-install-suggests \
+  curl \
+  openssl \
+  && rm -rf /var/lib/apt/lists/*
+
+COPY --chown=node:node --from=builder /ghostfolio/dist/apps /ghostfolio/apps
+COPY --chown=node:node ./docker/entrypoint.sh /ghostfolio/entrypoint.sh
 WORKDIR /ghostfolio/apps/api
 EXPOSE ${PORT:-3333}
-CMD [  "yarn", "start:prod" ]
+USER node
+CMD [ "/ghostfolio/entrypoint.sh" ]
--- a/README.md
+++ b/README.md
@ -7,11 +7,11 @@
 **Open Source Wealth Management Software**

 [**Ghostfol.io**](https://ghostfol.io) | [**Live Demo**](https://ghostfol.io/en/demo) | [**Ghostfolio Premium**](https://ghostfol.io/en/pricing) | [**FAQ**](https://ghostfol.io/en/faq) |
-[**Blog**](https://ghostfol.io/en/blog) | [**Slack**](https://join.slack.com/t/ghostfolio/shared_invite/zt-vsaan64h-F_I0fEo5M0P88lP9ibCxFg) | [**Twitter**](https://twitter.com/ghostfolio_)
+[**Blog**](https://ghostfol.io/en/blog) | [**Slack**](https://join.slack.com/t/ghostfolio/shared_invite/zt-vsaan64h-F_I0fEo5M0P88lP9ibCxFg) | [**X**](https://x.com/ghostfolio_)

 [![Shield: Buy me a coffee](https://img.shields.io/badge/Buy%20me%20a%20coffee-Support-yellow?logo=buymeacoffee)](https://www.buymeacoffee.com/ghostfolio)
-[![Shield: Contributions Welcome](https://img.shields.io/badge/Contributions-Welcome-orange.svg)](#contributing)
-[![Shield: License: AGPL v3](https://img.shields.io/badge/License-AGPL%20v3-blue.svg)](https://www.gnu.org/licenses/agpl-3.0)
+[![Shield: Contributions Welcome](https://img.shields.io/badge/Contributions-Welcome-limegreen.svg)](#contributing) [![Shield: Docker Pulls](https://img.shields.io/docker/pulls/ghostfolio/ghostfolio?label=Docker%20Pulls)](https://hub.docker.com/r/ghostfolio/ghostfolio)
+[![Shield: License: AGPL v3](https://img.shields.io/badge/License-AGPL%20v3-orange.svg)](https://www.gnu.org/licenses/agpl-3.0)

 </div>

@ -25,7 +25,7 @@

 ## Ghostfolio Premium

-Our official **[Ghostfolio Premium](https://ghostfol.io/en/pricing)** cloud offering is the easiest way to get started. Due to the time it saves, this will be the best option for most people. The revenue is used for covering the hosting costs.
+Our official **[Ghostfolio Premium](https://ghostfol.io/en/pricing)** cloud offering is the easiest way to get started. Due to the time it saves, this will be the best option for most people. Revenue is used to cover the costs of the hosting infrastructure and to fund ongoing development.

 If you prefer to run Ghostfolio on your own infrastructure, please find further instructions in the [Self-hosting](#self-hosting) section.

@ -47,7 +47,7 @@ Ghostfolio is for you if you are...

 - ✅ Create, update and delete transactions
 - ✅ Multi account management
- ✅ Portfolio performance for `Today`, `YTD`, `1Y`, `5Y`, `Max`
+- ✅ Portfolio performance: Time-weighted rate of return (TWR) for `Today`, `WTD`, `MTD`, `YTD`, `1Y`, `5Y`, `Max`
 - ✅ Various charts
 - ✅ Static analysis to identify potential risks in your portfolio
 - ✅ Import and export transactions
@ -71,7 +71,7 @@ The backend is based on [NestJS](https://nestjs.com) using [PostgreSQL](https://

 ### Frontend

-The frontend is built with [Angular](https://angular.io) and uses [Angular Material](https://material.angular.io) with utility classes from [Bootstrap](https://getbootstrap.com).
+The frontend is built with [Angular](https://angular.dev) and uses [Angular Material](https://material.angular.io) with utility classes from [Bootstrap](https://getbootstrap.com).

 ## Self-hosting

@ -85,19 +85,24 @@ We provide official container images hosted on [Docker Hub](https://hub.docker.c

 ### Supported Environment Variables

-| Name                | Default Value | Description                                                                                                                         |
-| ------------------- | ------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
-| `ACCESS_TOKEN_SALT` |               | A random string used as salt for access tokens                                                                                      |
-| `DATABASE_URL`      |               | The database connection URL, e.g. `postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:5432/${POSTGRES_DB}?sslmode=prefer` |
-| `HOST`              | `0.0.0.0`     | The host where the Ghostfolio application will run on                                                                               |
-| `JWT_SECRET_KEY`    |               | A random string used for _JSON Web Tokens_ (JWT)                                                                                    |
-| `PORT`              | `3333`        | The port where the Ghostfolio application will run on                                                                               |
-| `POSTGRES_DB`       |               | The name of the _PostgreSQL_ database                                                                                               |
-| `POSTGRES_PASSWORD` |               | The password of the _PostgreSQL_ database                                                                                           |
-| `POSTGRES_USER`     |               | The user of the _PostgreSQL_ database                                                                                               |
-| `REDIS_HOST`        |               | The host where _Redis_ is running                                                                                                   |
-| `REDIS_PASSWORD`    |               | The password of _Redis_                                                                                                             |
-| `REDIS_PORT`        |               | The port where _Redis_ is running                                                                                                   |
+| Name                     | Type                  | Default Value | Description                                                                                                                         |
+| ------------------------ | --------------------- | ------------- | ----------------------------------------------------------------------------------------------------------------------------------- |
+| `ACCESS_TOKEN_SALT`      | `string`              |               | A random string used as salt for access tokens                                                                                      |
+| `API_KEY_COINGECKO_DEMO` | `string` (optional)   |               | The _CoinGecko_ Demo API key                                                                                                        |
+| `API_KEY_COINGECKO_PRO`  | `string` (optional)   |               | The _CoinGecko_ Pro API key                                                                                                         |
+| `DATABASE_URL`           | `string`              |               | The database connection URL, e.g. `postgresql://${POSTGRES_USER}:${POSTGRES_PASSWORD}@localhost:5432/${POSTGRES_DB}?sslmode=prefer` |
+| `HOST`                   | `string` (optional)   | `0.0.0.0`     | The host where the Ghostfolio application will run on                                                                               |
+| `JWT_SECRET_KEY`         | `string`              |               | A random string used for _JSON Web Tokens_ (JWT)                                                                                    |
+| `LOG_LEVELS`             | `string[]` (optional) |               | The logging levels for the Ghostfolio application, e.g. `["debug","error","log","warn"]`                                            |
+| `PORT`                   | `number` (optional)   | `3333`        | The port where the Ghostfolio application will run on                                                                               |
+| `POSTGRES_DB`            | `string`              |               | The name of the _PostgreSQL_ database                                                                                               |
+| `POSTGRES_PASSWORD`      | `string`              |               | The password of the _PostgreSQL_ database                                                                                           |
+| `POSTGRES_USER`          | `string`              |               | The user of the _PostgreSQL_ database                                                                                               |
+| `REDIS_DB`               | `number` (optional)   | `0`           | The database index of _Redis_                                                                                                       |
+| `REDIS_HOST`             | `string`              |               | The host where _Redis_ is running                                                                                                   |
+| `REDIS_PASSWORD`         | `string`              |               | The password of _Redis_                                                                                                             |
+| `REDIS_PORT`             | `number`              |               | The port where _Redis_ is running                                                                                                   |
+| `REQUEST_TIMEOUT`        | `number` (optional)   | `2000`        | The timeout of network requests to data providers in milliseconds                                                                   |

 ### Run with Docker Compose

@ -113,7 +118,7 @@ We provide official container images hosted on [Docker Hub](https://hub.docker.c
 Run the following command to start the Docker images from [Docker Hub](https://hub.docker.com/r/ghostfolio/ghostfolio):

 ```bash
-docker-compose --env-file ./.env -f docker/docker-compose.yml up -d
+docker compose -f docker/docker-compose.yml up -d
 ```

 #### b. Build and run environment
@ -121,8 +126,8 @@ docker-compose --env-file ./.env -f docker/docker-compose.yml up -d
 Run the following commands to build and start the Docker images:

 ```bash
-docker-compose --env-file ./.env -f docker/docker-compose.build.yml build
-docker-compose --env-file ./.env -f docker/docker-compose.build.yml up -d
+docker compose -f docker/docker-compose.build.yml build
+docker compose -f docker/docker-compose.build.yml up -d
 ```

 #### Setup
@ -132,63 +137,27 @@ docker-compose --env-file ./.env -f docker/docker-compose.build.yml up -d

 #### Upgrade Version

-1. Increase the version of the `ghostfolio/ghostfolio` Docker image in `docker/docker-compose.yml`
-1. Run the following command to start the new Docker image: `docker-compose --env-file ./.env -f docker/docker-compose.yml up -d`  
-   At each start, the container will automatically apply the database schema migrations if needed.
+1. Update the _Ghostfolio_ Docker image

-### Run with _Unraid_ (Community)
+   - Increase the version of the `ghostfolio/ghostfolio` Docker image in `docker/docker-compose.yml`
+   - Run the following command if `ghostfolio:latest` is set:
+     ```bash
+     docker compose -f docker/docker-compose.yml pull
+     ```

-Please follow the instructions of the Ghostfolio [Unraid Community App](https://unraid.net/community/apps?q=ghostfolio).
+1. Run the following command to start the new Docker image:
+   ```bash
+   docker compose -f docker/docker-compose.yml up -d
+   ```
+   The container will automatically apply any required database schema migrations during startup.
+
+### Home Server Systems (Community)
+
+Ghostfolio is available for various home server systems, including [CasaOS](https://github.com/bigbeartechworld/big-bear-casaos), [Home Assistant](https://github.com/lildude/ha-addon-ghostfolio), [Runtipi](https://www.runtipi.io/docs/apps-available), [TrueCharts](https://truecharts.org/charts/stable/ghostfolio), [Umbrel](https://apps.umbrel.com/app/ghostfolio), and [Unraid](https://unraid.net/community/apps?q=ghostfolio).

 ## Development

-### Prerequisites
-
- [Docker](https://www.docker.com/products/docker-desktop)
- [Node.js](https://nodejs.org/en/download) (version 16)
- [Yarn](https://yarnpkg.com/en/docs/install)
- Create a local copy of this Git repository (clone)
- Copy the file `.env.example` to `.env` and populate it with your data (`cp .env.example .env`)
-
-### Setup
-
-1. Run `yarn install`
-1. Run `yarn build:dev` to build the source code including the assets
-1. Run `docker-compose --env-file ./.env -f docker/docker-compose.dev.yml up -d` to start [PostgreSQL](https://www.postgresql.org) and [Redis](https://redis.io)
-1. Run `yarn database:setup` to initialize the database schema
-1. Start the server and the client (see [_Development_](#Development))
-1. Open http://localhost:4200/en in your browser
-1. Create a new user via _Get Started_ (this first user will get the role `ADMIN`)
-
-### Start Server
-
-#### Debug
-
-Run `yarn watch:server` and click _Launch Program_ in [Visual Studio Code](https://code.visualstudio.com)
-
-#### Serve
-
-Run `yarn start:server`
-
-### Start Client
-
-Run `yarn start:client` and open http://localhost:4200/en in your browser
-
-### Start _Storybook_
-
-Run `yarn start:storybook`
-
-### Migrate Database
-
-With the following command you can keep your database schema in sync:
-
-```bash
-yarn database:push
-```
-
-## Testing
-
-Run `yarn test`
+For detailed information on the environment setup and development process, please refer to [DEVELOPMENT.md](./DEVELOPMENT.md).

 ## Public API

@ -200,10 +169,36 @@ Set the header for each request as follows:
 "Authorization": "Bearer eyJh..."
 ```

-You can get the _Bearer Token_ via `GET http://localhost:3333/api/v1/auth/anonymous/<INSERT_SECURITY_TOKEN_OF_ACCOUNT>` or `curl -s http://localhost:3333/api/v1/auth/anonymous/<INSERT_SECURITY_TOKEN_OF_ACCOUNT>`.
+You can get the _Bearer Token_ via `POST http://localhost:3333/api/v1/auth/anonymous` (Body: `{ "accessToken": "<INSERT_SECURITY_TOKEN_OF_ACCOUNT>" }`)
+
+Deprecated: `GET http://localhost:3333/api/v1/auth/anonymous/<INSERT_SECURITY_TOKEN_OF_ACCOUNT>` or `curl -s http://localhost:3333/api/v1/auth/anonymous/<INSERT_SECURITY_TOKEN_OF_ACCOUNT>`.
+
+### Health Check (experimental)
+
+#### Request
+
+`GET http://localhost:3333/api/v1/health`
+
+**Info:** No Bearer Token is required for health check
+
+#### Response
+
+##### Success
+
+`200 OK`
+
+```
+{
+  "status": "OK"
+}
+```

 ### Import Activities

+#### Prerequisites
+
+[Bearer Token](#authorization-bearer-token) for authorization
+
 #### Request

 `POST http://localhost:3333/api/v1/import`
@ -227,17 +222,18 @@ You can get the _Bearer Token_ via `GET http://localhost:3333/api/v1/auth/anonym
 }
 ```

-| Field      | Type                | Description                                        |
-| ---------- | ------------------- | -------------------------------------------------- |
-| accountId  | string (`optional`) | Id of the account                                  |
-| currency   | string              | `CHF` \| `EUR` \| `USD` etc.                       |
-| dataSource | string              | `MANUAL` (for type `ITEM`) \| `YAHOO`              |
-| date       | string              | Date in the format `ISO-8601`                      |
-| fee        | number              | Fee of the activity                                |
-| quantity   | number              | Quantity of the activity                           |
-| symbol     | string              | Symbol of the activity (suitable for `dataSource`) |
-| type       | string              | `BUY` \| `DIVIDEND` \| `ITEM` \| `SELL`            |
-| unitPrice  | number              | Price per unit of the activity                     |
+| Field        | Type                | Description                                                                   |
+| ------------ | ------------------- | ----------------------------------------------------------------------------- |
+| `accountId`  | `string` (optional) | Id of the account                                                             |
+| `comment`    | `string` (optional) | Comment of the activity                                                       |
+| `currency`   | `string`            | `CHF` \| `EUR` \| `USD` etc.                                                  |
+| `dataSource` | `string`            | `COINGECKO` \| `MANUAL` (for type `ITEM`) \| `YAHOO`                          |
+| `date`       | `string`            | Date in the format `ISO-8601`                                                 |
+| `fee`        | `number`            | Fee of the activity                                                           |
+| `quantity`   | `number`            | Quantity of the activity                                                      |
+| `symbol`     | `string`            | Symbol of the activity (suitable for `dataSource`)                            |
+| `type`       | `string`            | `BUY` \| `DIVIDEND` \| `FEE` \| `INTEREST` \| `ITEM` \| `LIABILITY` \| `SELL` |
+| `unitPrice`  | `number`            | Price per unit of the activity                                                |

 #### Response

@ -258,20 +254,58 @@ You can get the _Bearer Token_ via `GET http://localhost:3333/api/v1/auth/anonym
 }
 ```

+### Portfolio (experimental)
+
+#### Prerequisites
+
+Grant access of type _Public_ in the _Access_ tab of _My Ghostfolio_.
+
+#### Request
+
+`GET http://localhost:3333/api/v1/public/<INSERT_ACCESS_ID>/portfolio`
+
+**Info:** No Bearer Token is required for authorization
+
+#### Response
+
+##### Success
+
+```
+{
+  "performance": {
+    "1d": {
+      "relativeChange": 0 // normalized from -1 to 1
+    };
+    "ytd": {
+      "relativeChange": 0 // normalized from -1 to 1
+    },
+    "max": {
+      "relativeChange": 0 // normalized from -1 to 1
+    }
+  }
+}
+```
+
 ## Community Projects

- [ghostfolio-cli](https://github.com/DerAndereJohannes/ghostfolio-cli): Command-line interface to access your portfolio
+Discover a variety of community projects for Ghostfolio: https://github.com/topics/ghostfolio
+
+Are you building your own project? Add the `ghostfolio` topic to your _GitHub_ repository to get listed as well. [Learn more →](https://docs.github.com/en/articles/classifying-your-repository-with-topics)

 ## Contributing

 Ghostfolio is **100% free** and **open source**. We encourage and support an active and healthy community that accepts contributions from the public - including you.

-Not sure what to work on? We have got some ideas. Please join the Ghostfolio [Slack channel](https://join.slack.com/t/ghostfolio/shared_invite/zt-vsaan64h-F_I0fEo5M0P88lP9ibCxFg) or tweet to [@ghostfolio\_](https://twitter.com/ghostfolio_). We would love to hear from you.
+Not sure what to work on? We have [some ideas](https://github.com/ghostfolio/ghostfolio/issues?q=is%3Aissue+is%3Aopen+label%3A%22help+wanted%22), even for [newcomers](https://github.com/ghostfolio/ghostfolio/issues?q=is%3Aissue+is%3Aopen+label%3A%22good+first+issue%22). Please join the Ghostfolio [Slack](https://join.slack.com/t/ghostfolio/shared_invite/zt-vsaan64h-F_I0fEo5M0P88lP9ibCxFg) channel or post to [@ghostfolio\_](https://x.com/ghostfolio_) on _X_. We would love to hear from you.

 If you like to support this project, get [**Ghostfolio Premium**](https://ghostfol.io/en/pricing) or [**Buy me a coffee**](https://www.buymeacoffee.com/ghostfolio).

+## Analytics
+
+![Alt](https://repobeats.axiom.co/api/embed/281a80b2d0c4af1162866c24c803f1f18e5ed60e.svg 'Repobeats analytics image')
+
 ## License

-© 2023 [Ghostfolio](https://ghostfol.io)
+© 2021 - 2025 [Ghostfolio](https://ghostfol.io)

 Licensed under the [AGPLv3 License](https://www.gnu.org/licenses/agpl-3.0.html).
--- a/SECURITY.md
+++ b/SECURITY.md
@ -0,0 +1,13 @@
+# Security Policy
+
+## Reporting Security Issues
+
+If you discover a security vulnerability in this repository, please report it to security[at]ghostfol.io. We will acknowledge your report and provide guidance on the next steps.
+
+To help us resolve the issue, please include the following details:
+
+- A description of the vulnerability
+- Steps to reproduce the vulnerability
+- Affected versions of the software
+
+We appreciate your responsible disclosure and will work to address the issue promptly.
--- a/apps/api/.eslintrc.json
+++ b/apps/api/.eslintrc.json
@ -1,22 +0,0 @@
-{
-  "extends": "../../.eslintrc.json",
-  "ignorePatterns": ["!**/*"],
-  "rules": {},
-  "overrides": [
-    {
-      "files": ["*.ts", "*.tsx", "*.js", "*.jsx"],
-      "parserOptions": {
-        "project": ["apps/api/tsconfig.*?.json"]
-      },
-      "rules": {}
-    },
-    {
-      "files": ["*.ts", "*.tsx"],
-      "rules": {}
-    },
-    {
-      "files": ["*.js", "*.jsx"],
-      "rules": {}
-    }
-  ]
-}
--- a/apps/api/eslint.config.cjs
+++ b/apps/api/eslint.config.cjs
@ -0,0 +1,31 @@
+const baseConfig = require('../../eslint.config.cjs');
+
+module.exports = [
+  {
+    ignores: ['**/dist']
+  },
+  ...baseConfig,
+  {
+    rules: {}
+  },
+  {
+    files: ['**/*.ts', '**/*.tsx', '**/*.js', '**/*.jsx'],
+    // Override or add rules here
+    rules: {},
+    languageOptions: {
+      parserOptions: {
+        project: ['apps/api/tsconfig.*?.json']
+      }
+    }
+  },
+  {
+    files: ['**/*.ts', '**/*.tsx'],
+    // Override or add rules here
+    rules: {}
+  },
+  {
+    files: ['**/*.js', '**/*.jsx'],
+    // Override or add rules here
+    rules: {}
+  }
+];
--- a/apps/api/jest.config.ts
+++ b/apps/api/jest.config.ts
@ -2,17 +2,17 @@
 export default {
  displayName: 'api',

-  globals: {
-    'ts-jest': {
-      tsconfig: '<rootDir>/tsconfig.spec.json'
-    }
-  },
+  globals: {},
  transform: {
-    '^.+\\.[tj]s$': 'ts-jest'
+    '^.+\\.[tj]s$': [
+      'ts-jest',
+      {
+        tsconfig: '<rootDir>/tsconfig.spec.json'
+      }
+    ]
  },
  moduleFileExtensions: ['ts', 'js', 'html'],
  coverageDirectory: '../../coverage/apps/api',
-  testTimeout: 10000,
  testEnvironment: 'node',
  preset: '../../jest.preset.js'
 };
--- a/apps/api/project.json
+++ b/apps/api/project.json
@ -7,14 +7,16 @@
  "generators": {},
  "targets": {
    "build": {
-      "executor": "@nrwl/webpack:webpack",
+      "executor": "@nx/webpack:webpack",
      "options": {
-        "outputPath": "dist/apps/api",
+        "compiler": "tsc",
+        "deleteOutputPath": false,
        "main": "apps/api/src/main.ts",
-        "tsConfig": "apps/api/tsconfig.app.json",
-        "assets": ["apps/api/src/assets"],
+        "outputPath": "dist/apps/api",
+        "sourceMap": true,
        "target": "node",
-        "compiler": "tsc"
+        "tsConfig": "apps/api/tsconfig.app.json",
+        "webpackConfig": "apps/api/webpack.config.js"
      },
      "configurations": {
        "production": {
@ -32,23 +34,42 @@
      },
      "outputs": ["{options.outputPath}"]
    },
+    "copy-assets": {
+      "executor": "nx:run-commands",
+      "options": {
+        "commands": [
+          {
+            "command": "shx rm -rf dist/apps/api"
+          },
+          {
+            "command": "shx mkdir -p dist/apps/api/assets/locales"
+          },
+          {
+            "command": "shx cp -r apps/api/src/assets/* dist/apps/api/assets"
+          },
+          {
+            "command": "shx cp -r apps/client/src/locales/* dist/apps/api/assets/locales"
+          }
+        ],
+        "parallel": false
+      }
+    },
    "serve": {
-      "executor": "@nrwl/node:node",
+      "executor": "@nx/js:node",
      "options": {
        "buildTarget": "api:build"
      }
    },
    "lint": {
-      "executor": "@nrwl/linter:eslint",
+      "executor": "@nx/eslint:lint",
      "options": {
        "lintFilePatterns": ["apps/api/**/*.ts"]
      }
    },
    "test": {
-      "executor": "@nrwl/jest:jest",
+      "executor": "@nx/jest:jest",
      "options": {
-        "jestConfig": "apps/api/jest.config.ts",
-        "passWithNoTests": true
+        "jestConfig": "apps/api/jest.config.ts"
      },
      "outputs": ["{workspaceRoot}/coverage/apps/api"]
    }
--- a/apps/api/src/app/access/access.controller.ts
+++ b/apps/api/src/app/access/access.controller.ts
@ -1,6 +1,10 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { Access } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
+import { permissions } from '@ghostfolio/common/permissions';
 import type { RequestWithUser } from '@ghostfolio/common/types';
+
 import {
  Body,
  Controller,
@ -17,7 +21,6 @@ import { AuthGuard } from '@nestjs/passport';
 import { Access as AccessModel } from '@prisma/client';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

-import { AccessModule } from './access.module';
 import { AccessService } from './access.service';
 import { CreateAccessDto } from './create-access.dto';

@ -25,11 +28,12 @@ import { CreateAccessDto } from './create-access.dto';
 export class AccessController {
  public constructor(
    private readonly accessService: AccessService,
+    private readonly configurationService: ConfigurationService,
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getAllAccesses(): Promise<Access[]> {
    const accessesWithGranteeUser = await this.accessService.accesses({
      include: {
@ -39,32 +43,38 @@ export class AccessController {
      where: { userId: this.request.user.id }
    });

-    return accessesWithGranteeUser.map((access) => {
-      if (access.GranteeUser) {
+    return accessesWithGranteeUser.map(
+      ({ alias, GranteeUser, id, permissions }) => {
+        if (GranteeUser) {
+          return {
+            alias,
+            id,
+            permissions,
+            grantee: GranteeUser?.id,
+            type: 'PRIVATE'
+          };
+        }
+
        return {
-          alias: access.alias,
-          grantee: access.GranteeUser?.id,
-          id: access.id,
-          type: 'RESTRICTED_VIEW'
+          alias,
+          id,
+          permissions,
+          grantee: 'Public',
+          type: 'PUBLIC'
        };
      }
-
-      return {
-        alias: access.alias,
-        grantee: 'Public',
-        id: access.id,
-        type: 'PUBLIC'
-      };
-    });
+    );
  }

+  @HasPermission(permissions.createAccess)
  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async createAccess(
    @Body() data: CreateAccessDto
  ): Promise<AccessModel> {
    if (
-      !hasPermission(this.request.user.permissions, permissions.createAccess)
+      this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION') &&
+      this.request.user.subscription.type === 'Basic'
    ) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
@ -72,25 +82,30 @@ export class AccessController {
      );
    }

-    return this.accessService.createAccess({
-      alias: data.alias || undefined,
-      GranteeUser: data.granteeUserId
-        ? { connect: { id: data.granteeUserId } }
-        : undefined,
-      User: { connect: { id: this.request.user.id } }
-    });
+    try {
+      return this.accessService.createAccess({
+        alias: data.alias || undefined,
+        GranteeUser: data.granteeUserId
+          ? { connect: { id: data.granteeUserId } }
+          : undefined,
+        permissions: data.permissions,
+        User: { connect: { id: this.request.user.id } }
+      });
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.BAD_REQUEST),
+        StatusCodes.BAD_REQUEST
+      );
+    }
  }

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
-  public async deleteAccess(@Param('id') id: string): Promise<AccessModule> {
+  @HasPermission(permissions.deleteAccess)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async deleteAccess(@Param('id') id: string): Promise<AccessModel> {
    const access = await this.accessService.access({ id });

-    if (
-      !hasPermission(this.request.user.permissions, permissions.deleteAccess) ||
-      !access ||
-      access.userId !== this.request.user.id
-    ) {
+    if (!access || access.userId !== this.request.user.id) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
--- a/apps/api/src/app/access/access.module.ts
+++ b/apps/api/src/app/access/access.module.ts
@ -1,4 +1,6 @@
-import { PrismaModule } from '@ghostfolio/api/services/prisma.module';
+import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+
 import { Module } from '@nestjs/common';

 import { AccessController } from './access.controller';
@ -7,7 +9,7 @@ import { AccessService } from './access.service';
@Module({
  controllers: [AccessController],
  exports: [AccessService],
-  imports: [PrismaModule],
+  imports: [ConfigurationModule, PrismaModule],
  providers: [AccessService]
 })
 export class AccessModule {}
--- a/apps/api/src/app/access/access.service.ts
+++ b/apps/api/src/app/access/access.service.ts
@ -1,5 +1,6 @@
-import { PrismaService } from '@ghostfolio/api/services/prisma.service';
+import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { AccessWithGranteeUser } from '@ghostfolio/common/types';
+
 import { Injectable } from '@nestjs/common';
 import { Access, Prisma } from '@prisma/client';

--- a/apps/api/src/app/access/create-access.dto.ts
+++ b/apps/api/src/app/access/create-access.dto.ts
@ -1,4 +1,5 @@
-import { IsOptional, IsString } from 'class-validator';
+import { AccessPermission } from '@prisma/client';
+import { IsEnum, IsOptional, IsString, IsUUID } from 'class-validator';

 export class CreateAccessDto {
  @IsOptional()
@ -6,6 +7,10 @@ export class CreateAccessDto {
  alias?: string;

  @IsOptional()
-  @IsString()
+  @IsUUID()
  granteeUserId?: string;
+
+  @IsEnum(AccessPermission, { each: true })
+  @IsOptional()
+  permissions?: AccessPermission[];
 }
--- a/apps/api/src/app/account-balance/account-balance.controller.ts
+++ b/apps/api/src/app/account-balance/account-balance.controller.ts
@ -0,0 +1,84 @@
+import { AccountService } from '@ghostfolio/api/app/account/account.service';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { permissions } from '@ghostfolio/common/permissions';
+import type { RequestWithUser } from '@ghostfolio/common/types';
+
+import {
+  Controller,
+  Body,
+  Post,
+  Delete,
+  HttpException,
+  Inject,
+  Param,
+  UseGuards
+} from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
+import { AuthGuard } from '@nestjs/passport';
+import { AccountBalance } from '@prisma/client';
+import { StatusCodes, getReasonPhrase } from 'http-status-codes';
+
+import { AccountBalanceService } from './account-balance.service';
+import { CreateAccountBalanceDto } from './create-account-balance.dto';
+
+@Controller('account-balance')
+export class AccountBalanceController {
+  public constructor(
+    private readonly accountBalanceService: AccountBalanceService,
+    private readonly accountService: AccountService,
+    @Inject(REQUEST) private readonly request: RequestWithUser
+  ) {}
+
+  @HasPermission(permissions.createAccountBalance)
+  @Post()
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async createAccountBalance(
+    @Body() data: CreateAccountBalanceDto
+  ): Promise<AccountBalance> {
+    const account = await this.accountService.account({
+      id_userId: {
+        id: data.accountId,
+        userId: this.request.user.id
+      }
+    });
+
+    if (!account) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.FORBIDDEN),
+        StatusCodes.FORBIDDEN
+      );
+    }
+
+    return this.accountBalanceService.createOrUpdateAccountBalance({
+      accountId: account.id,
+      balance: data.balance,
+      date: data.date,
+      userId: account.userId
+    });
+  }
+
+  @HasPermission(permissions.deleteAccountBalance)
+  @Delete(':id')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async deleteAccountBalance(
+    @Param('id') id: string
+  ): Promise<AccountBalance> {
+    const accountBalance = await this.accountBalanceService.accountBalance({
+      id,
+      userId: this.request.user.id
+    });
+
+    if (!accountBalance) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.FORBIDDEN),
+        StatusCodes.FORBIDDEN
+      );
+    }
+
+    return this.accountBalanceService.deleteAccountBalance({
+      id: accountBalance.id,
+      userId: accountBalance.userId
+    });
+  }
+}
--- a/apps/api/src/app/account-balance/account-balance.module.ts
+++ b/apps/api/src/app/account-balance/account-balance.module.ts
@ -0,0 +1,16 @@
+import { AccountService } from '@ghostfolio/api/app/account/account.service';
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+
+import { Module } from '@nestjs/common';
+
+import { AccountBalanceController } from './account-balance.controller';
+import { AccountBalanceService } from './account-balance.service';
+
+@Module({
+  controllers: [AccountBalanceController],
+  exports: [AccountBalanceService],
+  imports: [ExchangeRateDataModule, PrismaModule],
+  providers: [AccountBalanceService, AccountService]
+})
+export class AccountBalanceModule {}
--- a/apps/api/src/app/account-balance/account-balance.service.ts
+++ b/apps/api/src/app/account-balance/account-balance.service.ts
@ -0,0 +1,187 @@
+import { PortfolioChangedEvent } from '@ghostfolio/api/events/portfolio-changed.event';
+import { LogPerformance } from '@ghostfolio/api/interceptors/performance-logging/performance-logging.interceptor';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
+import { DATE_FORMAT, getSum, resetHours } from '@ghostfolio/common/helper';
+import {
+  AccountBalancesResponse,
+  Filter,
+  HistoricalDataItem
+} from '@ghostfolio/common/interfaces';
+
+import { Injectable } from '@nestjs/common';
+import { EventEmitter2 } from '@nestjs/event-emitter';
+import { AccountBalance, Prisma } from '@prisma/client';
+import { Big } from 'big.js';
+import { format, parseISO } from 'date-fns';
+
+import { CreateAccountBalanceDto } from './create-account-balance.dto';
+
+@Injectable()
+export class AccountBalanceService {
+  public constructor(
+    private readonly eventEmitter: EventEmitter2,
+    private readonly exchangeRateDataService: ExchangeRateDataService,
+    private readonly prismaService: PrismaService
+  ) {}
+
+  public async accountBalance(
+    accountBalanceWhereInput: Prisma.AccountBalanceWhereInput
+  ): Promise<AccountBalance | null> {
+    return this.prismaService.accountBalance.findFirst({
+      include: {
+        Account: true
+      },
+      where: accountBalanceWhereInput
+    });
+  }
+
+  public async createOrUpdateAccountBalance({
+    accountId,
+    balance,
+    date,
+    userId
+  }: CreateAccountBalanceDto & {
+    userId: string;
+  }): Promise<AccountBalance> {
+    const accountBalance = await this.prismaService.accountBalance.upsert({
+      create: {
+        Account: {
+          connect: {
+            id_userId: {
+              userId,
+              id: accountId
+            }
+          }
+        },
+        date: resetHours(parseISO(date)),
+        value: balance
+      },
+      update: {
+        value: balance
+      },
+      where: {
+        accountId_date: {
+          accountId,
+          date: resetHours(parseISO(date))
+        }
+      }
+    });
+
+    this.eventEmitter.emit(
+      PortfolioChangedEvent.getName(),
+      new PortfolioChangedEvent({
+        userId
+      })
+    );
+
+    return accountBalance;
+  }
+
+  public async deleteAccountBalance(
+    where: Prisma.AccountBalanceWhereUniqueInput
+  ): Promise<AccountBalance> {
+    const accountBalance = await this.prismaService.accountBalance.delete({
+      where
+    });
+
+    this.eventEmitter.emit(
+      PortfolioChangedEvent.getName(),
+      new PortfolioChangedEvent({
+        userId: where.userId as string
+      })
+    );
+
+    return accountBalance;
+  }
+
+  public async getAccountBalanceItems({
+    filters,
+    userCurrency,
+    userId
+  }: {
+    filters?: Filter[];
+    userCurrency: string;
+    userId: string;
+  }): Promise<HistoricalDataItem[]> {
+    const { balances } = await this.getAccountBalances({
+      filters,
+      userCurrency,
+      userId,
+      withExcludedAccounts: false // TODO
+    });
+    const accumulatedBalancesByDate: { [date: string]: HistoricalDataItem } =
+      {};
+    const lastBalancesByAccount: { [accountId: string]: Big } = {};
+
+    for (const { accountId, date, valueInBaseCurrency } of balances) {
+      const formattedDate = format(date, DATE_FORMAT);
+
+      lastBalancesByAccount[accountId] = new Big(valueInBaseCurrency);
+
+      const totalBalance = getSum(Object.values(lastBalancesByAccount));
+
+      // Add or update the accumulated balance for this date
+      accumulatedBalancesByDate[formattedDate] = {
+        date: formattedDate,
+        value: totalBalance.toNumber()
+      };
+    }
+
+    return Object.values(accumulatedBalancesByDate);
+  }
+
+  @LogPerformance
+  public async getAccountBalances({
+    filters,
+    userCurrency,
+    userId,
+    withExcludedAccounts
+  }: {
+    filters?: Filter[];
+    userCurrency: string;
+    userId: string;
+    withExcludedAccounts?: boolean;
+  }): Promise<AccountBalancesResponse> {
+    const where: Prisma.AccountBalanceWhereInput = { userId };
+
+    const accountFilter = filters?.find(({ type }) => {
+      return type === 'ACCOUNT';
+    });
+
+    if (accountFilter) {
+      where.accountId = accountFilter.id;
+    }
+
+    if (withExcludedAccounts === false) {
+      where.Account = { isExcluded: false };
+    }
+
+    const balances = await this.prismaService.accountBalance.findMany({
+      where,
+      orderBy: {
+        date: 'asc'
+      },
+      select: {
+        Account: true,
+        date: true,
+        id: true,
+        value: true
+      }
+    });
+
+    return {
+      balances: balances.map((balance) => {
+        return {
+          ...balance,
+          accountId: balance.Account.id,
+          valueInBaseCurrency: this.exchangeRateDataService.toCurrency(
+            balance.value,
+            balance.Account.currency,
+            userCurrency
+          )
+        };
+      })
+    };
+  }
+}
--- a/apps/api/src/app/account-balance/create-account-balance.dto.ts
+++ b/apps/api/src/app/account-balance/create-account-balance.dto.ts
@ -0,0 +1,12 @@
+import { IsISO8601, IsNumber, IsUUID } from 'class-validator';
+
+export class CreateAccountBalanceDto {
+  @IsUUID()
+  accountId: string;
+
+  @IsNumber()
+  balance: number;
+
+  @IsISO8601()
+  date: string;
+}
--- a/apps/api/src/app/account/account.controller.ts
+++ b/apps/api/src/app/account/account.controller.ts
@ -1,13 +1,22 @@
+import { AccountBalanceService } from '@ghostfolio/api/app/account-balance/account-balance.service';
 import { PortfolioService } from '@ghostfolio/api/app/portfolio/portfolio.service';
-import { RedactValuesInResponseInterceptor } from '@ghostfolio/api/interceptors/redact-values-in-response.interceptor';
-import { ImpersonationService } from '@ghostfolio/api/services/impersonation.service';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { RedactValuesInResponseInterceptor } from '@ghostfolio/api/interceptors/redact-values-in-response/redact-values-in-response.interceptor';
+import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request/transform-data-source-in-request.interceptor';
+import { ApiService } from '@ghostfolio/api/services/api/api.service';
+import { ImpersonationService } from '@ghostfolio/api/services/impersonation/impersonation.service';
 import { HEADER_KEY_IMPERSONATION } from '@ghostfolio/common/config';
-import { Accounts } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
+import {
+  AccountBalancesResponse,
+  Accounts
+} from '@ghostfolio/common/interfaces';
+import { permissions } from '@ghostfolio/common/permissions';
 import type {
  AccountWithValue,
  RequestWithUser
 } from '@ghostfolio/common/types';
+
 import {
  Body,
  Controller,
@ -19,6 +28,7 @@ import {
  Param,
  Post,
  Put,
+  Query,
  UseGuards,
  UseInterceptors
 } from '@nestjs/common';
@ -29,29 +39,24 @@ import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { AccountService } from './account.service';
 import { CreateAccountDto } from './create-account.dto';
+import { TransferBalanceDto } from './transfer-balance.dto';
 import { UpdateAccountDto } from './update-account.dto';

@Controller('account')
 export class AccountController {
  public constructor(
+    private readonly accountBalanceService: AccountBalanceService,
    private readonly accountService: AccountService,
+    private readonly apiService: ApiService,
    private readonly impersonationService: ImpersonationService,
    private readonly portfolioService: PortfolioService,
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.deleteAccount)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteAccount(@Param('id') id: string): Promise<AccountModel> {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.deleteAccount)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    const account = await this.accountService.accountWithOrders(
      {
        id_userId: {
@ -62,54 +67,54 @@ export class AccountController {
      { Order: true }
    );

-    if (account?.isDefault || account?.Order.length > 0) {
+    if (!account || account?.Order.length > 0) {
      throw new HttpException(
        getReasonPhrase(StatusCodes.FORBIDDEN),
        StatusCodes.FORBIDDEN
      );
    }

-    return this.accountService.deleteAccount(
-      {
-        id_userId: {
-          id,
-          userId: this.request.user.id
-        }
-      },
-      this.request.user.id
-    );
+    return this.accountService.deleteAccount({
+      id_userId: {
+        id,
+        userId: this.request.user.id
+      }
+    });
  }

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(RedactValuesInResponseInterceptor)
+  @UseInterceptors(TransformDataSourceInRequestInterceptor)
  public async getAllAccounts(
-    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId
+    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId,
+    @Query('dataSource') filterByDataSource?: string,
+    @Query('symbol') filterBySymbol?: string
  ): Promise<Accounts> {
    const impersonationUserId =
-      await this.impersonationService.validateImpersonationId(
-        impersonationId,
-        this.request.user.id
-      );
+      await this.impersonationService.validateImpersonationId(impersonationId);
+
+    const filters = this.apiService.buildFiltersFromQueryParams({
+      filterByDataSource,
+      filterBySymbol
+    });

    return this.portfolioService.getAccountsWithAggregations({
+      filters,
      userId: impersonationUserId || this.request.user.id,
      withExcludedAccounts: true
    });
  }

  @Get(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  @UseInterceptors(RedactValuesInResponseInterceptor)
  public async getAccountById(
    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId,
    @Param('id') id: string
  ): Promise<AccountWithValue> {
    const impersonationUserId =
-      await this.impersonationService.validateImpersonationId(
-        impersonationId,
-        this.request.user.id
-      );
+      await this.impersonationService.validateImpersonationId(impersonationId);

    const accountsWithAggregations =
      await this.portfolioService.getAccountsWithAggregations({
@ -121,20 +126,25 @@ export class AccountController {
    return accountsWithAggregations.accounts[0];
  }

+  @Get(':id/balances')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @UseInterceptors(RedactValuesInResponseInterceptor)
+  public async getAccountBalancesById(
+    @Param('id') id: string
+  ): Promise<AccountBalancesResponse> {
+    return this.accountBalanceService.getAccountBalances({
+      filters: [{ id, type: 'ACCOUNT' }],
+      userCurrency: this.request.user.Settings.settings.baseCurrency,
+      userId: this.request.user.id
+    });
+  }
+
+  @HasPermission(permissions.createAccount)
  @Post()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async createAccount(
    @Body() data: CreateAccountDto
  ): Promise<AccountModel> {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.createAccount)
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    if (data.platformId) {
      const platformId = data.platformId;
      delete data.platformId;
@ -160,18 +170,64 @@ export class AccountController {
    }
  }

-  @Put(':id')
-  @UseGuards(AuthGuard('jwt'))
-  public async update(@Param('id') id: string, @Body() data: UpdateAccountDto) {
-    if (
-      !hasPermission(this.request.user.permissions, permissions.updateAccount)
-    ) {
+  @HasPermission(permissions.updateAccount)
+  @Post('transfer-balance')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async transferAccountBalance(
+    @Body() { accountIdFrom, accountIdTo, balance }: TransferBalanceDto
+  ) {
+    const accountsOfUser = await this.accountService.getAccounts(
+      this.request.user.id
+    );
+
+    const accountFrom = accountsOfUser.find(({ id }) => {
+      return id === accountIdFrom;
+    });
+
+    const accountTo = accountsOfUser.find(({ id }) => {
+      return id === accountIdTo;
+    });
+
+    if (!accountFrom || !accountTo) {
      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
+        getReasonPhrase(StatusCodes.NOT_FOUND),
+        StatusCodes.NOT_FOUND
      );
    }

+    if (accountFrom.id === accountTo.id) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.BAD_REQUEST),
+        StatusCodes.BAD_REQUEST
+      );
+    }
+
+    if (accountFrom.balance < balance) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.BAD_REQUEST),
+        StatusCodes.BAD_REQUEST
+      );
+    }
+
+    await this.accountService.updateAccountBalance({
+      accountId: accountFrom.id,
+      amount: -balance,
+      currency: accountFrom.currency,
+      userId: this.request.user.id
+    });
+
+    await this.accountService.updateAccountBalance({
+      accountId: accountTo.id,
+      amount: balance,
+      currency: accountFrom.currency,
+      userId: this.request.user.id
+    });
+  }
+
+  @HasPermission(permissions.updateAccount)
+  @Put(':id')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async update(@Param('id') id: string, @Body() data: UpdateAccountDto) {
    const originalAccount = await this.accountService.account({
      id_userId: {
        id,
--- a/apps/api/src/app/account/account.module.ts
+++ b/apps/api/src/app/account/account.module.ts
@ -1,11 +1,12 @@
+import { AccountBalanceModule } from '@ghostfolio/api/app/account-balance/account-balance.module';
 import { PortfolioModule } from '@ghostfolio/api/app/portfolio/portfolio.module';
-import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
-import { UserModule } from '@ghostfolio/api/app/user/user.module';
-import { ConfigurationModule } from '@ghostfolio/api/services/configuration.module';
-import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
-import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data.module';
-import { ImpersonationModule } from '@ghostfolio/api/services/impersonation.module';
-import { PrismaModule } from '@ghostfolio/api/services/prisma.module';
+import { RedactValuesInResponseModule } from '@ghostfolio/api/interceptors/redact-values-in-response/redact-values-in-response.module';
+import { ApiModule } from '@ghostfolio/api/services/api/api.module';
+import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
+import { ImpersonationModule } from '@ghostfolio/api/services/impersonation/impersonation.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+
 import { Module } from '@nestjs/common';

 import { AccountController } from './account.controller';
@ -15,14 +16,14 @@ import { AccountService } from './account.service';
  controllers: [AccountController],
  exports: [AccountService],
  imports: [
+    AccountBalanceModule,
+    ApiModule,
    ConfigurationModule,
-    DataProviderModule,
    ExchangeRateDataModule,
    ImpersonationModule,
    PortfolioModule,
    PrismaModule,
-    RedisCacheModule,
-    UserModule
+    RedactValuesInResponseModule
  ],
  providers: [AccountService]
 })
--- a/apps/api/src/app/account/account.service.ts
+++ b/apps/api/src/app/account/account.service.ts
@ -1,9 +1,15 @@
-import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data.service';
-import { PrismaService } from '@ghostfolio/api/services/prisma.service';
+import { AccountBalanceService } from '@ghostfolio/api/app/account-balance/account-balance.service';
+import { PortfolioChangedEvent } from '@ghostfolio/api/events/portfolio-changed.event';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
+import { DATE_FORMAT } from '@ghostfolio/common/helper';
 import { Filter } from '@ghostfolio/common/interfaces';
+
 import { Injectable } from '@nestjs/common';
+import { EventEmitter2 } from '@nestjs/event-emitter';
 import { Account, Order, Platform, Prisma } from '@prisma/client';
-import Big from 'big.js';
+import { Big } from 'big.js';
+import { format } from 'date-fns';
 import { groupBy } from 'lodash';

 import { CashDetails } from './interfaces/cash-details.interface';
@ -11,16 +17,20 @@ import { CashDetails } from './interfaces/cash-details.interface';
@Injectable()
 export class AccountService {
  public constructor(
+    private readonly accountBalanceService: AccountBalanceService,
+    private readonly eventEmitter: EventEmitter2,
    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly prismaService: PrismaService
  ) {}

-  public async account(
-    accountWhereUniqueInput: Prisma.AccountWhereUniqueInput
-  ): Promise<Account | null> {
-    return this.prismaService.account.findUnique({
-      where: accountWhereUniqueInput
+  public async account({
+    id_userId
+  }: Prisma.AccountWhereUniqueInput): Promise<Account | null> {
+    const [account] = await this.accounts({
+      where: id_userId
    });
+
+    return account;
  }

  public async accountWithOrders(
@ -50,9 +60,11 @@ export class AccountService {
      Platform?: Platform;
    })[]
  > {
-    const { include, skip, take, cursor, where, orderBy } = params;
+    const { include = {}, skip, take, cursor, where, orderBy } = params;

-    return this.prismaService.account.findMany({
+    include.balances = { orderBy: { date: 'desc' }, take: 1 };
+
+    const accounts = await this.prismaService.account.findMany({
      cursor,
      include,
      orderBy,
@ -60,27 +72,59 @@ export class AccountService {
      take,
      where
    });
+
+    return accounts.map((account) => {
+      account = { ...account, balance: account.balances[0]?.value ?? 0 };
+
+      delete account.balances;
+
+      return account;
+    });
  }

  public async createAccount(
    data: Prisma.AccountCreateInput,
    aUserId: string
  ): Promise<Account> {
-    return this.prismaService.account.create({
+    const account = await this.prismaService.account.create({
      data
    });
+
+    await this.accountBalanceService.createOrUpdateAccountBalance({
+      accountId: account.id,
+      balance: data.balance,
+      date: format(new Date(), DATE_FORMAT),
+      userId: aUserId
+    });
+
+    this.eventEmitter.emit(
+      PortfolioChangedEvent.getName(),
+      new PortfolioChangedEvent({
+        userId: account.userId
+      })
+    );
+
+    return account;
  }

  public async deleteAccount(
-    where: Prisma.AccountWhereUniqueInput,
-    aUserId: string
+    where: Prisma.AccountWhereUniqueInput
  ): Promise<Account> {
-    return this.prismaService.account.delete({
+    const account = await this.prismaService.account.delete({
      where
    });
+
+    this.eventEmitter.emit(
+      PortfolioChangedEvent.getName(),
+      new PortfolioChangedEvent({
+        userId: account.userId
+      })
+    );
+
+    return account;
  }

-  public async getAccounts(aUserId: string) {
+  public async getAccounts(aUserId: string): Promise<Account[]> {
    const accounts = await this.accounts({
      include: { Order: true, Platform: true },
      orderBy: { name: 'asc' },
@ -125,12 +169,8 @@ export class AccountService {
      where.isExcluded = false;
    }

-    const {
-      ACCOUNT: filtersByAccount,
-      ASSET_CLASS: filtersByAssetClass,
-      TAG: filtersByTag
-    } = groupBy(filters, (filter) => {
-      return filter.type;
+    const { ACCOUNT: filtersByAccount } = groupBy(filters, ({ type }) => {
+      return type;
    });

    if (filtersByAccount?.length > 0) {
@ -167,9 +207,64 @@ export class AccountService {
    aUserId: string
  ): Promise<Account> {
    const { data, where } = params;
-    return this.prismaService.account.update({
+
+    await this.accountBalanceService.createOrUpdateAccountBalance({
+      accountId: data.id as string,
+      balance: data.balance as number,
+      date: format(new Date(), DATE_FORMAT),
+      userId: aUserId
+    });
+
+    const account = await this.prismaService.account.update({
      data,
      where
    });
+
+    this.eventEmitter.emit(
+      PortfolioChangedEvent.getName(),
+      new PortfolioChangedEvent({
+        userId: account.userId
+      })
+    );
+
+    return account;
+  }
+
+  public async updateAccountBalance({
+    accountId,
+    amount,
+    currency,
+    date = new Date(),
+    userId
+  }: {
+    accountId: string;
+    amount: number;
+    currency: string;
+    date?: Date;
+    userId: string;
+  }) {
+    const { balance, currency: currencyOfAccount } = await this.account({
+      id_userId: {
+        userId,
+        id: accountId
+      }
+    });
+
+    const amountInCurrencyOfAccount =
+      await this.exchangeRateDataService.toCurrencyAtDate(
+        amount,
+        currency,
+        currencyOfAccount,
+        date
+      );
+
+    if (amountInCurrencyOfAccount) {
+      await this.accountBalanceService.createOrUpdateAccountBalance({
+        accountId,
+        userId,
+        balance: new Big(balance).plus(amountInCurrencyOfAccount).toNumber(),
+        date: date.toISOString()
+      });
+    }
  }
 }
--- a/apps/api/src/app/account/create-account.dto.ts
+++ b/apps/api/src/app/account/create-account.dto.ts
@ -1,4 +1,6 @@
-import { AccountType } from '@prisma/client';
+import { IsCurrencyCode } from '@ghostfolio/api/validators/is-currency-code';
+
+import { Transform, TransformFnParams } from 'class-transformer';
 import {
  IsBoolean,
  IsNumber,
@ -6,15 +8,20 @@ import {
  IsString,
  ValidateIf
 } from 'class-validator';
+import { isString } from 'lodash';

 export class CreateAccountDto {
-  @IsString()
-  accountType: AccountType;
-
  @IsNumber()
  balance: number;

+  @IsOptional()
  @IsString()
+  @Transform(({ value }: TransformFnParams) =>
+    isString(value) ? value.trim() : value
+  )
+  comment?: string;
+
+  @IsCurrencyCode()
  currency: string;

  @IsOptional()
@ -29,6 +36,6 @@ export class CreateAccountDto {
  name: string;

  @IsString()
-  @ValidateIf((object, value) => value !== null)
+  @ValidateIf((_object, value) => value !== null)
  platformId: string | null;
 }
--- a/apps/api/src/app/account/transfer-balance.dto.ts
+++ b/apps/api/src/app/account/transfer-balance.dto.ts
@ -0,0 +1,13 @@
+import { IsNumber, IsPositive, IsString } from 'class-validator';
+
+export class TransferBalanceDto {
+  @IsString()
+  accountIdFrom: string;
+
+  @IsString()
+  accountIdTo: string;
+
+  @IsNumber()
+  @IsPositive()
+  balance: number;
+}
--- a/apps/api/src/app/account/update-account.dto.ts
+++ b/apps/api/src/app/account/update-account.dto.ts
@ -1,4 +1,6 @@
-import { AccountType } from '@prisma/client';
+import { IsCurrencyCode } from '@ghostfolio/api/validators/is-currency-code';
+
+import { Transform, TransformFnParams } from 'class-transformer';
 import {
  IsBoolean,
  IsNumber,
@ -6,15 +8,20 @@ import {
  IsString,
  ValidateIf
 } from 'class-validator';
+import { isString } from 'lodash';

 export class UpdateAccountDto {
-  @IsString()
-  accountType: AccountType;
-
  @IsNumber()
  balance: number;

+  @IsOptional()
  @IsString()
+  @Transform(({ value }: TransformFnParams) =>
+    isString(value) ? value.trim() : value
+  )
+  comment?: string;
+
+  @IsCurrencyCode()
  currency: string;

  @IsString()
@ -28,6 +35,6 @@ export class UpdateAccountDto {
  name: string;

  @IsString()
-  @ValidateIf((object, value) => value !== null)
+  @ValidateIf((_object, value) => value !== null)
  platformId: string | null;
 }
--- a/apps/api/src/app/admin/admin.controller.ts
+++ b/apps/api/src/app/admin/admin.controller.ts
@ -1,19 +1,31 @@
-import { DataGatheringService } from '@ghostfolio/api/services/data-gathering.service';
-import { MarketDataService } from '@ghostfolio/api/services/market-data.service';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request/transform-data-source-in-request.interceptor';
+import { ApiService } from '@ghostfolio/api/services/api/api.service';
+import { ManualService } from '@ghostfolio/api/services/data-provider/manual/manual.service';
+import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
 import { PropertyDto } from '@ghostfolio/api/services/property/property.dto';
+import { DataGatheringService } from '@ghostfolio/api/services/queues/data-gathering/data-gathering.service';
 import {
+  DATA_GATHERING_QUEUE_PRIORITY_HIGH,
+  DATA_GATHERING_QUEUE_PRIORITY_MEDIUM,
  GATHER_ASSET_PROFILE_PROCESS,
  GATHER_ASSET_PROFILE_PROCESS_OPTIONS
 } from '@ghostfolio/common/config';
+import { getAssetProfileIdentifier } from '@ghostfolio/common/helper';
 import {
  AdminData,
  AdminMarketData,
  AdminMarketDataDetails,
-  EnhancedSymbolProfile,
-  Filter
+  AdminUsers,
+  EnhancedSymbolProfile
 } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
+import { permissions } from '@ghostfolio/common/permissions';
+import type {
+  MarketDataPreset,
+  RequestWithUser
+} from '@ghostfolio/common/types';
+
 import {
  Body,
  Controller,
@ -21,199 +33,145 @@ import {
  Get,
  HttpException,
  Inject,
+  Logger,
  Param,
  Patch,
  Post,
  Put,
  Query,
-  UseGuards
+  UseGuards,
+  UseInterceptors
 } from '@nestjs/common';
 import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
-import { DataSource, MarketData } from '@prisma/client';
-import { isDate } from 'date-fns';
+import { DataSource, MarketData, Prisma, SymbolProfile } from '@prisma/client';
+import { isDate, parseISO } from 'date-fns';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { AdminService } from './admin.service';
 import { UpdateAssetProfileDto } from './update-asset-profile.dto';
+import { UpdateBulkMarketDataDto } from './update-bulk-market-data.dto';
 import { UpdateMarketDataDto } from './update-market-data.dto';

@Controller('admin')
 export class AdminController {
  public constructor(
    private readonly adminService: AdminService,
+    private readonly apiService: ApiService,
    private readonly dataGatheringService: DataGatheringService,
+    private readonly manualService: ManualService,
    private readonly marketDataService: MarketDataService,
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getAdminData(): Promise<AdminData> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.adminService.get();
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gather7Days(): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    this.dataGatheringService.gather7Days();
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather/max')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherMax(): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
+    const assetProfileIdentifiers =
+      await this.dataGatheringService.getAllAssetProfileIdentifiers();

-    const uniqueAssets = await this.dataGatheringService.getUniqueAssets();
-
-    for (const { dataSource, symbol } of uniqueAssets) {
-      await this.dataGatheringService.addJobToQueue(
-        GATHER_ASSET_PROFILE_PROCESS,
-        {
-          dataSource,
-          symbol
-        },
-        GATHER_ASSET_PROFILE_PROCESS_OPTIONS
-      );
-    }
+    await this.dataGatheringService.addJobsToQueue(
+      assetProfileIdentifiers.map(({ dataSource, symbol }) => {
+        return {
+          data: {
+            dataSource,
+            symbol
+          },
+          name: GATHER_ASSET_PROFILE_PROCESS,
+          opts: {
+            ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
+            jobId: getAssetProfileIdentifier({ dataSource, symbol }),
+            priority: DATA_GATHERING_QUEUE_PRIORITY_MEDIUM
+          }
+        };
+      })
+    );

    this.dataGatheringService.gatherMax();
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather/profile-data')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherProfileData(): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
+    const assetProfileIdentifiers =
+      await this.dataGatheringService.getAllAssetProfileIdentifiers();

-    const uniqueAssets = await this.dataGatheringService.getUniqueAssets();
-
-    for (const { dataSource, symbol } of uniqueAssets) {
-      await this.dataGatheringService.addJobToQueue(
-        GATHER_ASSET_PROFILE_PROCESS,
-        {
-          dataSource,
-          symbol
-        },
-        GATHER_ASSET_PROFILE_PROCESS_OPTIONS
-      );
-    }
+    await this.dataGatheringService.addJobsToQueue(
+      assetProfileIdentifiers.map(({ dataSource, symbol }) => {
+        return {
+          data: {
+            dataSource,
+            symbol
+          },
+          name: GATHER_ASSET_PROFILE_PROCESS,
+          opts: {
+            ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
+            jobId: getAssetProfileIdentifier({ dataSource, symbol }),
+            priority: DATA_GATHERING_QUEUE_PRIORITY_MEDIUM
+          }
+        };
+      })
+    );
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather/profile-data/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherProfileDataForSymbol(
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
-    await this.dataGatheringService.addJobToQueue(
-      GATHER_ASSET_PROFILE_PROCESS,
-      {
+    await this.dataGatheringService.addJobToQueue({
+      data: {
        dataSource,
        symbol
      },
-      GATHER_ASSET_PROFILE_PROCESS_OPTIONS
-    );
+      name: GATHER_ASSET_PROFILE_PROCESS,
+      opts: {
+        ...GATHER_ASSET_PROFILE_PROCESS_OPTIONS,
+        jobId: getAssetProfileIdentifier({ dataSource, symbol }),
+        priority: DATA_GATHERING_QUEUE_PRIORITY_HIGH
+      }
+    });
  }

  @Post('gather/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @HasPermission(permissions.accessAdminControl)
  public async gatherSymbol(
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    this.dataGatheringService.gatherSymbol({ dataSource, symbol });

    return;
  }

+  @HasPermission(permissions.accessAdminControl)
  @Post('gather/:dataSource/:symbol/:dateString')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async gatherSymbolForDate(
    @Param('dataSource') dataSource: DataSource,
    @Param('dateString') dateString: string,
    @Param('symbol') symbol: string
  ): Promise<MarketData> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
-    const date = new Date(dateString);
+    const date = parseISO(dateString);

    if (!isDate(date)) {
      throw new HttpException(
@ -230,83 +188,116 @@ export class AdminController {
  }

  @Get('market-data')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getMarketData(
-    @Query('assetSubClasses') filterByAssetSubClasses?: string
+    @Query('assetSubClasses') filterByAssetSubClasses?: string,
+    @Query('presetId') presetId?: MarketDataPreset,
+    @Query('query') filterBySearchQuery?: string,
+    @Query('skip') skip?: number,
+    @Query('sortColumn') sortColumn?: string,
+    @Query('sortDirection') sortDirection?: Prisma.SortOrder,
+    @Query('take') take?: number
  ): Promise<AdminMarketData> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
+    const filters = this.apiService.buildFiltersFromQueryParams({
+      filterByAssetSubClasses,
+      filterBySearchQuery
+    });

-    const assetSubClasses = filterByAssetSubClasses?.split(',') ?? [];
-
-    const filters: Filter[] = [
-      ...assetSubClasses.map((assetSubClass) => {
-        return <Filter>{
-          id: assetSubClass,
-          type: 'ASSET_SUB_CLASS'
-        };
-      })
-    ];
-
-    return this.adminService.getMarketData(filters);
+    return this.adminService.getMarketData({
+      filters,
+      presetId,
+      sortColumn,
+      sortDirection,
+      skip: isNaN(skip) ? undefined : skip,
+      take: isNaN(take) ? undefined : take
+    });
  }

+  /**
+   * @deprecated
+   */
  @Get('market-data/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getMarketDataBySymbol(
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<AdminMarketDataDetails> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.adminService.getMarketDataBySymbol({ dataSource, symbol });
  }

+  @HasPermission(permissions.accessAdminControl)
+  @Post('market-data/:dataSource/:symbol/test')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async testMarketData(
+    @Body() data: { scraperConfiguration: string },
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ): Promise<{ price: number }> {
+    try {
+      const scraperConfiguration = JSON.parse(data.scraperConfiguration);
+      const price = await this.manualService.test(scraperConfiguration);
+
+      if (price) {
+        return { price };
+      }
+
+      throw new Error(
+        `Could not parse the current market price for ${symbol} (${dataSource})`
+      );
+    } catch (error) {
+      Logger.error(error, 'AdminController');
+
+      throw new HttpException(error.message, StatusCodes.BAD_REQUEST);
+    }
+  }
+
+  /**
+   * @deprecated
+   */
+  @HasPermission(permissions.accessAdminControl)
+  @Post('market-data/:dataSource/:symbol')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async updateMarketData(
+    @Body() data: UpdateBulkMarketDataDto,
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ) {
+    const dataBulkUpdate: Prisma.MarketDataUpdateInput[] = data.marketData.map(
+      ({ date, marketPrice }) => ({
+        dataSource,
+        marketPrice,
+        symbol,
+        date: parseISO(date),
+        state: 'CLOSE'
+      })
+    );
+
+    return this.marketDataService.updateMany({
+      data: dataBulkUpdate
+    });
+  }
+
+  /**
+   * @deprecated
+   */
+  @HasPermission(permissions.accessAdminControl)
  @Put('market-data/:dataSource/:symbol/:dateString')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async update(
    @Param('dataSource') dataSource: DataSource,
    @Param('dateString') dateString: string,
    @Param('symbol') symbol: string,
    @Body() data: UpdateMarketDataDto
  ) {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
-    const date = new Date(dateString);
+    const date = parseISO(dateString);

    return this.marketDataService.updateMarketData({
-      data: { ...data, dataSource },
+      data: { marketPrice: data.marketPrice, state: 'CLOSE' },
      where: {
-        date_symbol: {
+        dataSource_date_symbol: {
+          dataSource,
          date,
          symbol
        }
@ -314,46 +305,39 @@ export class AdminController {
    });
  }

+  @HasPermission(permissions.accessAdminControl)
+  @Post('profile-data/:dataSource/:symbol')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @UseInterceptors(TransformDataSourceInRequestInterceptor)
+  public async addProfileData(
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ): Promise<SymbolProfile | never> {
+    return this.adminService.addAssetProfile({
+      dataSource,
+      symbol,
+      currency: this.request.user.Settings.settings.baseCurrency
+    });
+  }
+
  @Delete('profile-data/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteProfileData(
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.adminService.deleteProfileData({ dataSource, symbol });
  }

+  @HasPermission(permissions.accessAdminControl)
  @Patch('profile-data/:dataSource/:symbol')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async patchAssetProfileData(
    @Body() assetProfileData: UpdateAssetProfileDto,
    @Param('dataSource') dataSource: DataSource,
    @Param('symbol') symbol: string
  ): Promise<EnhancedSymbolProfile> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.adminService.patchAssetProfileData({
      ...assetProfileData,
      dataSource,
@ -361,24 +345,26 @@ export class AdminController {
    });
  }

+  @HasPermission(permissions.accessAdminControl)
  @Put('settings/:key')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async updateProperty(
    @Param('key') key: string,
    @Body() data: PropertyDto
  ) {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
+    return this.adminService.putSetting(key, data.value);
+  }

-    return await this.adminService.putSetting(key, data.value);
+  @Get('user')
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async getUsers(
+    @Query('skip') skip?: number,
+    @Query('take') take?: number
+  ): Promise<AdminUsers> {
+    return this.adminService.getUsers({
+      skip: isNaN(skip) ? undefined : skip,
+      take: isNaN(take) ? undefined : take
+    });
  }
 }
--- a/apps/api/src/app/admin/admin.module.ts
+++ b/apps/api/src/app/admin/admin.module.ts
@ -1,12 +1,17 @@
+import { OrderModule } from '@ghostfolio/api/app/order/order.module';
 import { SubscriptionModule } from '@ghostfolio/api/app/subscription/subscription.module';
-import { ConfigurationModule } from '@ghostfolio/api/services/configuration.module';
-import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering.module';
+import { TransformDataSourceInRequestModule } from '@ghostfolio/api/interceptors/transform-data-source-in-request/transform-data-source-in-request.module';
+import { ApiModule } from '@ghostfolio/api/services/api/api.module';
+import { BenchmarkModule } from '@ghostfolio/api/services/benchmark/benchmark.module';
+import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
 import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
-import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data.module';
-import { MarketDataModule } from '@ghostfolio/api/services/market-data.module';
-import { PrismaModule } from '@ghostfolio/api/services/prisma.module';
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
+import { MarketDataModule } from '@ghostfolio/api/services/market-data/market-data.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
-import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile.module';
+import { DataGatheringModule } from '@ghostfolio/api/services/queues/data-gathering/data-gathering.module';
+import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+
 import { Module } from '@nestjs/common';

 import { AdminController } from './admin.controller';
@ -15,16 +20,20 @@ import { QueueModule } from './queue/queue.module';

@Module({
  imports: [
+    ApiModule,
+    BenchmarkModule,
    ConfigurationModule,
    DataGatheringModule,
    DataProviderModule,
    ExchangeRateDataModule,
    MarketDataModule,
+    OrderModule,
    PrismaModule,
    PropertyModule,
    QueueModule,
    SubscriptionModule,
-    SymbolProfileModule
+    SymbolProfileModule,
+    TransformDataSourceInRequestModule
  ],
  controllers: [AdminController],
  providers: [AdminService],
--- a/apps/api/src/app/admin/admin.service.ts
+++ b/apps/api/src/app/admin/admin.service.ts
@ -1,172 +1,445 @@
+import { OrderService } from '@ghostfolio/api/app/order/order.service';
 import { SubscriptionService } from '@ghostfolio/api/app/subscription/subscription.service';
-import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
-import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data.service';
-import { MarketDataService } from '@ghostfolio/api/services/market-data.service';
-import { PrismaService } from '@ghostfolio/api/services/prisma.service';
+import { environment } from '@ghostfolio/api/environments/environment';
+import { BenchmarkService } from '@ghostfolio/api/services/benchmark/benchmark.service';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
+import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
+import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
-import { SymbolProfileService } from '@ghostfolio/api/services/symbol-profile.service';
-import { PROPERTY_CURRENCIES } from '@ghostfolio/common/config';
+import { SymbolProfileService } from '@ghostfolio/api/services/symbol-profile/symbol-profile.service';
+import {
+  DEFAULT_CURRENCY,
+  PROPERTY_CURRENCIES,
+  PROPERTY_IS_READ_ONLY_MODE,
+  PROPERTY_IS_USER_SIGNUP_ENABLED
+} from '@ghostfolio/common/config';
+import {
+  getAssetProfileIdentifier,
+  getCurrencyFromSymbol,
+  isCurrency
+} from '@ghostfolio/common/helper';
 import {
  AdminData,
  AdminMarketData,
  AdminMarketDataDetails,
  AdminMarketDataItem,
-  Filter,
-  UniqueAsset
+  AdminUsers,
+  AssetProfileIdentifier,
+  EnhancedSymbolProfile,
+  Filter
 } from '@ghostfolio/common/interfaces';
-import { Injectable } from '@nestjs/common';
-import { AssetSubClass, Prisma, Property } from '@prisma/client';
+import { Sector } from '@ghostfolio/common/interfaces/sector.interface';
+import { MarketDataPreset } from '@ghostfolio/common/types';
+
+import { BadRequestException, Injectable, Logger } from '@nestjs/common';
+import {
+  AssetClass,
+  AssetSubClass,
+  DataSource,
+  Prisma,
+  PrismaClient,
+  Property,
+  SymbolProfile
+} from '@prisma/client';
 import { differenceInDays } from 'date-fns';
 import { groupBy } from 'lodash';

@Injectable()
 export class AdminService {
-  private baseCurrency: string;
-
  public constructor(
+    private readonly benchmarkService: BenchmarkService,
    private readonly configurationService: ConfigurationService,
+    private readonly dataProviderService: DataProviderService,
    private readonly exchangeRateDataService: ExchangeRateDataService,
    private readonly marketDataService: MarketDataService,
+    private readonly orderService: OrderService,
    private readonly prismaService: PrismaService,
    private readonly propertyService: PropertyService,
    private readonly subscriptionService: SubscriptionService,
    private readonly symbolProfileService: SymbolProfileService
-  ) {
-    this.baseCurrency = this.configurationService.get('BASE_CURRENCY');
+  ) {}
+
+  public async addAssetProfile({
+    currency,
+    dataSource,
+    symbol
+  }: AssetProfileIdentifier & { currency?: string }): Promise<
+    SymbolProfile | never
+  > {
+    try {
+      if (dataSource === 'MANUAL') {
+        return this.symbolProfileService.add({
+          currency,
+          dataSource,
+          symbol
+        });
+      }
+
+      const assetProfiles = await this.dataProviderService.getAssetProfiles([
+        { dataSource, symbol }
+      ]);
+
+      if (!assetProfiles[symbol]?.currency) {
+        throw new BadRequestException(
+          `Asset profile not found for ${symbol} (${dataSource})`
+        );
+      }
+
+      return this.symbolProfileService.add(
+        assetProfiles[symbol] as Prisma.SymbolProfileCreateInput
+      );
+    } catch (error) {
+      if (
+        error instanceof Prisma.PrismaClientKnownRequestError &&
+        error.code === 'P2002'
+      ) {
+        throw new BadRequestException(
+          `Asset profile of ${symbol} (${dataSource}) already exists`
+        );
+      }
+
+      throw error;
+    }
  }

-  public async deleteProfileData({ dataSource, symbol }: UniqueAsset) {
+  public async deleteProfileData({
+    dataSource,
+    symbol
+  }: AssetProfileIdentifier) {
    await this.marketDataService.deleteMany({ dataSource, symbol });
-    await this.symbolProfileService.delete({ dataSource, symbol });
+
+    const currency = getCurrencyFromSymbol(symbol);
+    const customCurrencies = (await this.propertyService.getByKey(
+      PROPERTY_CURRENCIES
+    )) as string[];
+
+    if (customCurrencies.includes(currency)) {
+      const updatedCustomCurrencies = customCurrencies.filter(
+        (customCurrency) => {
+          return customCurrency !== currency;
+        }
+      );
+
+      await this.putSetting(
+        PROPERTY_CURRENCIES,
+        JSON.stringify(updatedCustomCurrencies)
+      );
+    } else {
+      await this.symbolProfileService.delete({ dataSource, symbol });
+    }
  }

  public async get(): Promise<AdminData> {
+    const exchangeRates = this.exchangeRateDataService
+      .getCurrencies()
+      .filter((currency) => {
+        return currency !== DEFAULT_CURRENCY;
+      })
+      .map((currency) => {
+        const label1 = DEFAULT_CURRENCY;
+        const label2 = currency;
+
+        return {
+          label1,
+          label2,
+          dataSource:
+            DataSource[
+              this.configurationService.get('DATA_SOURCE_EXCHANGE_RATES')
+            ],
+          symbol: `${label1}${label2}`,
+          value: this.exchangeRateDataService.toCurrency(
+            1,
+            DEFAULT_CURRENCY,
+            currency
+          )
+        };
+      });
+
+    const [settings, transactionCount, userCount] = await Promise.all([
+      this.propertyService.get(),
+      this.prismaService.order.count(),
+      this.countUsersWithAnalytics()
+    ]);
+
    return {
-      exchangeRates: this.exchangeRateDataService
-        .getCurrencies()
-        .filter((currency) => {
-          return currency !== this.baseCurrency;
-        })
-        .map((currency) => {
-          return {
-            label1: this.baseCurrency,
-            label2: currency,
-            value: this.exchangeRateDataService.toCurrency(
-              1,
-              this.baseCurrency,
-              currency
-            )
-          };
-        }),
-      settings: await this.propertyService.get(),
-      transactionCount: await this.prismaService.order.count(),
-      userCount: await this.prismaService.user.count(),
-      users: await this.getUsersWithAnalytics()
+      exchangeRates,
+      settings,
+      transactionCount,
+      userCount,
+      version: environment.version
    };
  }

-  public async getMarketData(filters?: Filter[]): Promise<AdminMarketData> {
+  public async getMarketData({
+    filters,
+    presetId,
+    sortColumn,
+    sortDirection,
+    skip,
+    take = Number.MAX_SAFE_INTEGER
+  }: {
+    filters?: Filter[];
+    presetId?: MarketDataPreset;
+    skip?: number;
+    sortColumn?: string;
+    sortDirection?: Prisma.SortOrder;
+    take?: number;
+  }): Promise<AdminMarketData> {
+    let orderBy: Prisma.Enumerable<Prisma.SymbolProfileOrderByWithRelationInput> =
+      [{ symbol: 'asc' }];
    const where: Prisma.SymbolProfileWhereInput = {};

+    if (presetId === 'BENCHMARKS') {
+      const benchmarkAssetProfiles =
+        await this.benchmarkService.getBenchmarkAssetProfiles();
+
+      where.id = {
+        in: benchmarkAssetProfiles.map(({ id }) => {
+          return id;
+        })
+      };
+    } else if (presetId === 'CURRENCIES') {
+      return this.getMarketDataForCurrencies();
+    } else if (
+      presetId === 'ETF_WITHOUT_COUNTRIES' ||
+      presetId === 'ETF_WITHOUT_SECTORS'
+    ) {
+      filters = [{ id: 'ETF', type: 'ASSET_SUB_CLASS' }];
+    }
+
+    const searchQuery = filters.find(({ type }) => {
+      return type === 'SEARCH_QUERY';
+    })?.id;
+
    const { ASSET_SUB_CLASS: filtersByAssetSubClass } = groupBy(
      filters,
-      (filter) => {
-        return filter.type;
+      ({ type }) => {
+        return type;
      }
    );

-    const marketData = await this.prismaService.marketData.groupBy({
+    const marketDataItems = await this.prismaService.marketData.groupBy({
      _count: true,
      by: ['dataSource', 'symbol']
    });

-    let currencyPairsToGather: AdminMarketDataItem[] = [];
-
    if (filtersByAssetSubClass) {
      where.assetSubClass = AssetSubClass[filtersByAssetSubClass[0].id];
-    } else {
-      currencyPairsToGather = this.exchangeRateDataService
-        .getCurrencyPairs()
-        .map(({ dataSource, symbol }) => {
-          const marketDataItemCount =
-            marketData.find((marketDataItem) => {
-              return (
-                marketDataItem.dataSource === dataSource &&
-                marketDataItem.symbol === symbol
-              );
-            })?._count ?? 0;
-
-          return {
-            dataSource,
-            marketDataItemCount,
-            symbol,
-            countriesCount: 0,
-            sectorsCount: 0
-          };
-        });
    }

-    const symbolProfilesToGather: AdminMarketDataItem[] = (
-      await this.prismaService.symbolProfile.findMany({
-        where,
-        orderBy: [{ symbol: 'asc' }],
-        select: {
-          _count: {
-            select: { Order: true }
-          },
-          assetClass: true,
-          assetSubClass: true,
-          comment: true,
-          countries: true,
-          dataSource: true,
+    if (searchQuery) {
+      where.OR = [
+        { id: { mode: 'insensitive', startsWith: searchQuery } },
+        { isin: { mode: 'insensitive', startsWith: searchQuery } },
+        { name: { mode: 'insensitive', startsWith: searchQuery } },
+        { symbol: { mode: 'insensitive', startsWith: searchQuery } }
+      ];
+    }
+
+    if (sortColumn) {
+      orderBy = [{ [sortColumn]: sortDirection }];
+
+      if (sortColumn === 'activitiesCount') {
+        orderBy = {
          Order: {
-            orderBy: [{ date: 'asc' }],
-            select: { date: true },
-            take: 1
-          },
-          scraperConfiguration: true,
-          sectors: true,
+            _count: sortDirection
+          }
+        };
+      }
+    }
+
+    const extendedPrismaClient = this.getExtendedPrismaClient();
+
+    try {
+      const symbolProfileResult = await Promise.all([
+        extendedPrismaClient.symbolProfile.findMany({
+          orderBy,
+          skip,
+          take,
+          where,
+          select: {
+            _count: {
+              select: { Order: true }
+            },
+            assetClass: true,
+            assetSubClass: true,
+            comment: true,
+            countries: true,
+            currency: true,
+            dataSource: true,
+            id: true,
+            isUsedByUsersWithSubscription: true,
+            name: true,
+            Order: {
+              orderBy: [{ date: 'asc' }],
+              select: { date: true },
+              take: 1
+            },
+            scraperConfiguration: true,
+            sectors: true,
+            symbol: true,
+            SymbolProfileOverrides: true
+          }
+        }),
+        this.prismaService.symbolProfile.count({ where })
+      ]);
+      const assetProfiles = symbolProfileResult[0];
+      let count = symbolProfileResult[1];
+
+      const lastMarketPrices = await this.prismaService.marketData.findMany({
+        distinct: ['dataSource', 'symbol'],
+        orderBy: { date: 'desc' },
+        select: {
+          dataSource: true,
+          marketPrice: true,
          symbol: true
+        },
+        where: {
+          dataSource: {
+            in: assetProfiles.map(({ dataSource }) => {
+              return dataSource;
+            })
+          },
+          symbol: {
+            in: assetProfiles.map(({ symbol }) => {
+              return symbol;
+            })
+          }
        }
-      })
-    ).map((symbolProfile) => {
-      const countriesCount = symbolProfile.countries
-        ? Object.keys(symbolProfile.countries).length
-        : 0;
-      const marketDataItemCount =
-        marketData.find((marketDataItem) => {
-          return (
-            marketDataItem.dataSource === symbolProfile.dataSource &&
-            marketDataItem.symbol === symbolProfile.symbol
-          );
-        })?._count ?? 0;
-      const sectorsCount = symbolProfile.sectors
-        ? Object.keys(symbolProfile.sectors).length
-        : 0;
+      });
+
+      const lastMarketPriceMap = new Map<string, number>();
+
+      for (const { dataSource, marketPrice, symbol } of lastMarketPrices) {
+        lastMarketPriceMap.set(
+          getAssetProfileIdentifier({ dataSource, symbol }),
+          marketPrice
+        );
+      }
+
+      let marketData: AdminMarketDataItem[] = await Promise.all(
+        assetProfiles.map(
+          async ({
+            _count,
+            assetClass,
+            assetSubClass,
+            comment,
+            countries,
+            currency,
+            dataSource,
+            id,
+            isUsedByUsersWithSubscription,
+            name,
+            Order,
+            sectors,
+            symbol,
+            SymbolProfileOverrides
+          }) => {
+            let countriesCount = countries ? Object.keys(countries).length : 0;
+
+            const lastMarketPrice = lastMarketPriceMap.get(
+              getAssetProfileIdentifier({ dataSource, symbol })
+            );
+
+            const marketDataItemCount =
+              marketDataItems.find((marketDataItem) => {
+                return (
+                  marketDataItem.dataSource === dataSource &&
+                  marketDataItem.symbol === symbol
+                );
+              })?._count ?? 0;
+
+            let sectorsCount = sectors ? Object.keys(sectors).length : 0;
+
+            if (SymbolProfileOverrides) {
+              assetClass = SymbolProfileOverrides.assetClass ?? assetClass;
+              assetSubClass =
+                SymbolProfileOverrides.assetSubClass ?? assetSubClass;
+
+              if (
+                (
+                  SymbolProfileOverrides.countries as unknown as Prisma.JsonArray
+                )?.length > 0
+              ) {
+                countriesCount = (
+                  SymbolProfileOverrides.countries as unknown as Prisma.JsonArray
+                ).length;
+              }
+
+              name = SymbolProfileOverrides.name ?? name;
+
+              if (
+                (SymbolProfileOverrides.sectors as unknown as Sector[])
+                  ?.length > 0
+              ) {
+                sectorsCount = (
+                  SymbolProfileOverrides.sectors as unknown as Prisma.JsonArray
+                ).length;
+              }
+            }
+
+            return {
+              assetClass,
+              assetSubClass,
+              comment,
+              currency,
+              countriesCount,
+              dataSource,
+              id,
+              lastMarketPrice,
+              name,
+              symbol,
+              marketDataItemCount,
+              sectorsCount,
+              activitiesCount: _count.Order,
+              date: Order?.[0]?.date,
+              isUsedByUsersWithSubscription: await isUsedByUsersWithSubscription
+            };
+          }
+        )
+      );
+
+      if (presetId) {
+        if (presetId === 'ETF_WITHOUT_COUNTRIES') {
+          marketData = marketData.filter(({ countriesCount }) => {
+            return countriesCount === 0;
+          });
+        } else if (presetId === 'ETF_WITHOUT_SECTORS') {
+          marketData = marketData.filter(({ sectorsCount }) => {
+            return sectorsCount === 0;
+          });
+        }
+
+        count = marketData.length;
+      }

      return {
-        countriesCount,
-        marketDataItemCount,
-        sectorsCount,
-        activitiesCount: symbolProfile._count.Order,
-        assetClass: symbolProfile.assetClass,
-        assetSubClass: symbolProfile.assetSubClass,
-        comment: symbolProfile.comment,
-        dataSource: symbolProfile.dataSource,
-        date: symbolProfile.Order?.[0]?.date,
-        symbol: symbolProfile.symbol
+        count,
+        marketData
      };
-    });
+    } finally {
+      await extendedPrismaClient.$disconnect();

-    return {
-      marketData: [...currencyPairsToGather, ...symbolProfilesToGather]
-    };
+      Logger.debug('Disconnect extended prisma client', 'AdminService');
+    }
  }

  public async getMarketDataBySymbol({
    dataSource,
    symbol
-  }: UniqueAsset): Promise<AdminMarketDataDetails> {
+  }: AssetProfileIdentifier): Promise<AdminMarketDataDetails> {
+    let activitiesCount: EnhancedSymbolProfile['activitiesCount'] = 0;
+    let currency: EnhancedSymbolProfile['currency'] = '-';
+    let dateOfFirstActivity: EnhancedSymbolProfile['dateOfFirstActivity'];
+
+    if (isCurrency(getCurrencyFromSymbol(symbol))) {
+      currency = getCurrencyFromSymbol(symbol);
+      ({ activitiesCount, dateOfFirstActivity } =
+        await this.orderService.getStatisticsByCurrency(currency));
+    }
+
    const [[assetProfile], marketData] = await Promise.all([
      this.symbolProfileService.getSymbolProfiles([
        {
@ -185,24 +458,85 @@ export class AdminService {
      })
    ]);

+    if (assetProfile) {
+      assetProfile.dataProviderInfo = this.dataProviderService
+        .getDataProvider(assetProfile.dataSource)
+        .getDataProviderInfo();
+    }
+
    return {
-      assetProfile,
-      marketData
+      marketData,
+      assetProfile: assetProfile ?? {
+        activitiesCount,
+        currency,
+        dataSource,
+        dateOfFirstActivity,
+        symbol
+      }
    };
  }

+  public async getUsers({
+    skip,
+    take = Number.MAX_SAFE_INTEGER
+  }: {
+    skip?: number;
+    take?: number;
+  }): Promise<AdminUsers> {
+    const [count, users] = await Promise.all([
+      this.countUsersWithAnalytics(),
+      this.getUsersWithAnalytics({ skip, take })
+    ]);
+
+    return { count, users };
+  }
+
  public async patchAssetProfileData({
+    assetClass,
+    assetSubClass,
    comment,
+    countries,
+    currency,
    dataSource,
+    holdings,
+    name,
+    scraperConfiguration,
+    sectors,
    symbol,
-    symbolMapping
-  }: Prisma.SymbolProfileUpdateInput & UniqueAsset) {
-    await this.symbolProfileService.updateSymbolProfile({
+    symbolMapping,
+    url
+  }: AssetProfileIdentifier & Prisma.SymbolProfileUpdateInput) {
+    const symbolProfileOverrides = {
+      assetClass: assetClass as AssetClass,
+      assetSubClass: assetSubClass as AssetSubClass,
+      name: name as string,
+      url: url as string
+    };
+
+    const updatedSymbolProfile: AssetProfileIdentifier &
+      Prisma.SymbolProfileUpdateInput = {
      comment,
+      countries,
+      currency,
      dataSource,
+      holdings,
+      scraperConfiguration,
+      sectors,
      symbol,
-      symbolMapping
-    });
+      symbolMapping,
+      ...(dataSource === 'MANUAL'
+        ? { assetClass, assetSubClass, name, url }
+        : {
+            SymbolProfileOverrides: {
+              upsert: {
+                create: symbolProfileOverrides,
+                update: symbolProfileOverrides
+              }
+            }
+          })
+    };
+
+    await this.symbolProfileService.updateSymbolProfile(updatedSymbolProfile);

    const [symbolProfile] = await this.symbolProfileService.getSymbolProfiles([
      {
@ -223,23 +557,179 @@ export class AdminService {
      response = await this.propertyService.delete({ key });
    }

-    if (key === PROPERTY_CURRENCIES) {
+    if (key === PROPERTY_IS_READ_ONLY_MODE && value === 'true') {
+      await this.putSetting(PROPERTY_IS_USER_SIGNUP_ENABLED, 'false');
+    } else if (key === PROPERTY_CURRENCIES) {
      await this.exchangeRateDataService.initialize();
    }

    return response;
  }

-  private async getUsersWithAnalytics(): Promise<AdminData['users']> {
-    let orderBy: any = {
+  private async countUsersWithAnalytics() {
+    let where: Prisma.UserWhereInput;
+
+    if (this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION')) {
+      where = {
+        NOT: {
+          Analytics: null
+        }
+      };
+    }
+
+    return this.prismaService.user.count({
+      where
+    });
+  }
+
+  private getExtendedPrismaClient() {
+    Logger.debug('Connect extended prisma client', 'AdminService');
+
+    const symbolProfileExtension = Prisma.defineExtension((client) => {
+      return client.$extends({
+        result: {
+          symbolProfile: {
+            isUsedByUsersWithSubscription: {
+              compute: async ({ id }) => {
+                const { _count } =
+                  await this.prismaService.symbolProfile.findUnique({
+                    select: {
+                      _count: {
+                        select: {
+                          Order: {
+                            where: {
+                              User: {
+                                Subscription: {
+                                  some: {
+                                    expiresAt: {
+                                      gt: new Date()
+                                    }
+                                  }
+                                }
+                              }
+                            }
+                          }
+                        }
+                      }
+                    },
+                    where: {
+                      id
+                    }
+                  });
+
+                return _count.Order > 0;
+              }
+            }
+          }
+        }
+      });
+    });
+
+    return new PrismaClient().$extends(symbolProfileExtension);
+  }
+
+  private async getMarketDataForCurrencies(): Promise<AdminMarketData> {
+    const currencyPairs = this.exchangeRateDataService.getCurrencyPairs();
+
+    const [lastMarketPrices, marketDataItems] = await Promise.all([
+      this.prismaService.marketData.findMany({
+        distinct: ['dataSource', 'symbol'],
+        orderBy: { date: 'desc' },
+        select: {
+          dataSource: true,
+          marketPrice: true,
+          symbol: true
+        },
+        where: {
+          dataSource: {
+            in: currencyPairs.map(({ dataSource }) => {
+              return dataSource;
+            })
+          },
+          symbol: {
+            in: currencyPairs.map(({ symbol }) => {
+              return symbol;
+            })
+          }
+        }
+      }),
+      this.prismaService.marketData.groupBy({
+        _count: true,
+        by: ['dataSource', 'symbol']
+      })
+    ]);
+
+    const lastMarketPriceMap = new Map<string, number>();
+
+    for (const { dataSource, marketPrice, symbol } of lastMarketPrices) {
+      lastMarketPriceMap.set(
+        getAssetProfileIdentifier({ dataSource, symbol }),
+        marketPrice
+      );
+    }
+
+    const marketDataPromise: Promise<AdminMarketDataItem>[] = currencyPairs.map(
+      async ({ dataSource, symbol }) => {
+        let activitiesCount: EnhancedSymbolProfile['activitiesCount'] = 0;
+        let currency: EnhancedSymbolProfile['currency'] = '-';
+        let dateOfFirstActivity: EnhancedSymbolProfile['dateOfFirstActivity'];
+
+        if (isCurrency(getCurrencyFromSymbol(symbol))) {
+          currency = getCurrencyFromSymbol(symbol);
+          ({ activitiesCount, dateOfFirstActivity } =
+            await this.orderService.getStatisticsByCurrency(currency));
+        }
+
+        const lastMarketPrice = lastMarketPriceMap.get(
+          getAssetProfileIdentifier({ dataSource, symbol })
+        );
+
+        const marketDataItemCount =
+          marketDataItems.find((marketDataItem) => {
+            return (
+              marketDataItem.dataSource === dataSource &&
+              marketDataItem.symbol === symbol
+            );
+          })?._count ?? 0;
+
+        return {
+          activitiesCount,
+          currency,
+          dataSource,
+          lastMarketPrice,
+          marketDataItemCount,
+          symbol,
+          assetClass: AssetClass.LIQUIDITY,
+          assetSubClass: AssetSubClass.CASH,
+          countriesCount: 0,
+          date: dateOfFirstActivity,
+          id: undefined,
+          name: symbol,
+          sectorsCount: 0
+        };
+      }
+    );
+
+    const marketData = await Promise.all(marketDataPromise);
+    return { marketData, count: marketData.length };
+  }
+
+  private async getUsersWithAnalytics({
+    skip,
+    take
+  }: {
+    skip?: number;
+    take?: number;
+  }): Promise<AdminUsers['users']> {
+    let orderBy: Prisma.UserOrderByWithRelationInput = {
      createdAt: 'desc'
    };
-    let where;
+    let where: Prisma.UserWhereInput;

    if (this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION')) {
      orderBy = {
        Analytics: {
-          updatedAt: 'desc'
+          lastRequestAt: 'desc'
        }
      };
      where = {
@ -251,6 +741,8 @@ export class AdminService {

    const usersWithAnalytics = await this.prismaService.user.findMany({
      orderBy,
+      skip,
+      take,
      where,
      select: {
        _count: {
@ -260,18 +752,19 @@ export class AdminService {
          select: {
            activityCount: true,
            country: true,
+            dataProviderGhostfolioDailyRequests: true,
            updatedAt: true
          }
        },
        createdAt: true,
        id: true,
+        role: true,
        Subscription: true
-      },
-      take: 30
+      }
    });

    return usersWithAnalytics.map(
-      ({ _count, Analytics, createdAt, id, Subscription }) => {
+      ({ _count, Analytics, createdAt, id, role, Subscription }) => {
        const daysSinceRegistration =
          differenceInDays(new Date(), createdAt) + 1;
        const engagement = Analytics
@ -281,16 +774,21 @@ export class AdminService {
        const subscription = this.configurationService.get(
          'ENABLE_FEATURE_SUBSCRIPTION'
        )
-          ? this.subscriptionService.getSubscription(Subscription)
+          ? this.subscriptionService.getSubscription({
+              createdAt,
+              subscriptions: Subscription
+            })
          : undefined;

        return {
          createdAt,
          engagement,
          id,
+          role,
          subscription,
          accountCount: _count.Account || 0,
          country: Analytics?.country,
+          dailyApiRequests: Analytics?.dataProviderGhostfolioDailyRequests || 0,
          lastActivity: Analytics?.updatedAt,
          transactionCount: _count.Order || 0
        };
--- a/apps/api/src/app/admin/queue/queue.controller.ts
+++ b/apps/api/src/app/admin/queue/queue.controller.ts
@ -1,87 +1,56 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { AdminJobs } from '@ghostfolio/common/interfaces';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
+import { permissions } from '@ghostfolio/common/permissions';
+
 import {
  Controller,
  Delete,
  Get,
-  HttpException,
-  Inject,
  Param,
  Query,
  UseGuards
 } from '@nestjs/common';
-import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
 import { JobStatus } from 'bull';
-import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { QueueService } from './queue.service';

@Controller('admin/queue')
 export class QueueController {
-  public constructor(
-    private readonly queueService: QueueService,
-    @Inject(REQUEST) private readonly request: RequestWithUser
-  ) {}
+  public constructor(private readonly queueService: QueueService) {}

  @Delete('job')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteJobs(
    @Query('status') filterByStatus?: string
  ): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
-    const status = <JobStatus[]>filterByStatus?.split(',') ?? undefined;
+    const status = (filterByStatus?.split(',') as JobStatus[]) ?? undefined;
    return this.queueService.deleteJobs({ status });
  }

  @Get('job')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getJobs(
    @Query('status') filterByStatus?: string
  ): Promise<AdminJobs> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
-    const status = <JobStatus[]>filterByStatus?.split(',') ?? undefined;
+    const status = (filterByStatus?.split(',') as JobStatus[]) ?? undefined;
    return this.queueService.getJobs({ status });
  }

  @Delete('job/:id')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteJob(@Param('id') id: string): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    return this.queueService.deleteJob(id);
  }
+
+  @Get('job/:id/execute')
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async executeJob(@Param('id') id: string): Promise<void> {
+    return this.queueService.executeJob(id);
+  }
 }
--- a/apps/api/src/app/admin/queue/queue.module.ts
+++ b/apps/api/src/app/admin/queue/queue.module.ts
@ -1,4 +1,6 @@
-import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering.module';
+import { DataGatheringModule } from '@ghostfolio/api/services/queues/data-gathering/data-gathering.module';
+import { PortfolioSnapshotQueueModule } from '@ghostfolio/api/services/queues/portfolio-snapshot/portfolio-snapshot.module';
+
 import { Module } from '@nestjs/common';

 import { QueueController } from './queue.controller';
@ -6,7 +8,7 @@ import { QueueService } from './queue.service';

@Module({
  controllers: [QueueController],
-  imports: [DataGatheringModule],
+  imports: [DataGatheringModule, PortfolioSnapshotQueueModule],
  providers: [QueueService]
 })
 export class QueueModule {}
--- a/apps/api/src/app/admin/queue/queue.service.ts
+++ b/apps/api/src/app/admin/queue/queue.service.ts
@ -1,21 +1,31 @@
 import {
  DATA_GATHERING_QUEUE,
+  PORTFOLIO_SNAPSHOT_COMPUTATION_QUEUE,
  QUEUE_JOB_STATUS_LIST
 } from '@ghostfolio/common/config';
 import { AdminJobs } from '@ghostfolio/common/interfaces';
+
 import { InjectQueue } from '@nestjs/bull';
-import { Injectable, Logger } from '@nestjs/common';
+import { Injectable } from '@nestjs/common';
 import { JobStatus, Queue } from 'bull';

@Injectable()
 export class QueueService {
  public constructor(
    @InjectQueue(DATA_GATHERING_QUEUE)
-    private readonly dataGatheringQueue: Queue
+    private readonly dataGatheringQueue: Queue,
+    @InjectQueue(PORTFOLIO_SNAPSHOT_COMPUTATION_QUEUE)
+    private readonly portfolioSnapshotQueue: Queue
  ) {}

  public async deleteJob(aId: string) {
-    return (await this.dataGatheringQueue.getJob(aId))?.remove();
+    let job = await this.dataGatheringQueue.getJob(aId);
+
+    if (!job) {
+      job = await this.portfolioSnapshotQueue.getJob(aId);
+    }
+
+    return job?.remove();
  }

  public async deleteJobs({
@ -23,17 +33,24 @@ export class QueueService {
  }: {
    status?: JobStatus[];
  }) {
-    const jobs = await this.dataGatheringQueue.getJobs(status);
+    for (const statusItem of status) {
+      const queueStatus = statusItem === 'waiting' ? 'wait' : statusItem;

-    for (const job of jobs) {
-      try {
-        await job.remove();
-      } catch (error) {
-        Logger.warn(error, 'QueueService');
-      }
+      await this.dataGatheringQueue.clean(300, queueStatus);
+      await this.portfolioSnapshotQueue.clean(300, queueStatus);
    }
  }

+  public async executeJob(aId: string) {
+    let job = await this.dataGatheringQueue.getJob(aId);
+
+    if (!job) {
+      job = await this.portfolioSnapshotQueue.getJob(aId);
+    }
+
+    return job?.promote();
+  }
+
  public async getJobs({
    limit = 1000,
    status = QUEUE_JOB_STATUS_LIST
@ -41,21 +58,30 @@ export class QueueService {
    limit?: number;
    status?: JobStatus[];
  }): Promise<AdminJobs> {
-    const jobs = await this.dataGatheringQueue.getJobs(status);
+    const [dataGatheringJobs, portfolioSnapshotJobs] = await Promise.all([
+      this.dataGatheringQueue.getJobs(status),
+      this.portfolioSnapshotQueue.getJobs(status)
+    ]);

    const jobsWithState = await Promise.all(
-      jobs.slice(0, limit).map(async (job) => {
-        return {
-          attemptsMade: job.attemptsMade + 1,
-          data: job.data,
-          finishedOn: job.finishedOn,
-          id: job.id,
-          name: job.name,
-          stacktrace: job.stacktrace,
-          state: await job.getState(),
-          timestamp: job.timestamp
-        };
-      })
+      [...dataGatheringJobs, ...portfolioSnapshotJobs]
+        .filter((job) => {
+          return job;
+        })
+        .slice(0, limit)
+        .map(async (job) => {
+          return {
+            attemptsMade: job.attemptsMade + 1,
+            data: job.data,
+            finishedOn: job.finishedOn,
+            id: job.id,
+            name: job.name,
+            opts: job.opts,
+            stacktrace: job.stacktrace,
+            state: await job.getState(),
+            timestamp: job.timestamp
+          };
+        })
    );

    return {
--- a/apps/api/src/app/admin/update-asset-profile.dto.ts
+++ b/apps/api/src/app/admin/update-asset-profile.dto.ts
@ -1,13 +1,58 @@
-import { IsObject, IsOptional, IsString } from 'class-validator';
+import { IsCurrencyCode } from '@ghostfolio/api/validators/is-currency-code';
+
+import { AssetClass, AssetSubClass, Prisma } from '@prisma/client';
+import {
+  IsArray,
+  IsEnum,
+  IsObject,
+  IsOptional,
+  IsString,
+  IsUrl
+} from 'class-validator';

 export class UpdateAssetProfileDto {
+  @IsEnum(AssetClass, { each: true })
+  @IsOptional()
+  assetClass?: AssetClass;
+
+  @IsEnum(AssetSubClass, { each: true })
+  @IsOptional()
+  assetSubClass?: AssetSubClass;
+
  @IsString()
  @IsOptional()
  comment?: string;

+  @IsArray()
+  @IsOptional()
+  countries?: Prisma.InputJsonArray;
+
+  @IsCurrencyCode()
+  @IsOptional()
+  currency?: string;
+
+  @IsString()
+  @IsOptional()
+  name?: string;
+
+  @IsObject()
+  @IsOptional()
+  scraperConfiguration?: Prisma.InputJsonObject;
+
+  @IsArray()
+  @IsOptional()
+  sectors?: Prisma.InputJsonArray;
+
  @IsObject()
  @IsOptional()
  symbolMapping?: {
    [dataProvider: string]: string;
  };
+
+  @IsOptional()
+  @IsUrl({
+    protocols: ['https'],
+    require_protocol: true
+  })
+  url?: string;
 }
--- a/apps/api/src/app/admin/update-bulk-market-data.dto.ts
+++ b/apps/api/src/app/admin/update-bulk-market-data.dto.ts
@ -0,0 +1,11 @@
+import { Type } from 'class-transformer';
+import { ArrayNotEmpty, IsArray } from 'class-validator';
+
+import { UpdateMarketDataDto } from './update-market-data.dto';
+
+export class UpdateBulkMarketDataDto {
+  @ArrayNotEmpty()
+  @IsArray()
+  @Type(() => UpdateMarketDataDto)
+  marketData: UpdateMarketDataDto[];
+}
--- a/apps/api/src/app/admin/update-market-data.dto.ts
+++ b/apps/api/src/app/admin/update-market-data.dto.ts
@ -1,6 +1,10 @@
-import { IsNumber } from 'class-validator';
+import { IsISO8601, IsNumber, IsOptional } from 'class-validator';

 export class UpdateMarketDataDto {
+  @IsISO8601()
+  @IsOptional()
+  date?: string;
+
  @IsNumber()
  marketPrice: number;
 }
--- a/apps/api/src/app/app.controller.ts
+++ b/apps/api/src/app/app.controller.ts
@ -1,4 +1,5 @@
-import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+
 import { Controller } from '@nestjs/common';

@Controller()
--- a/apps/api/src/app/app.module.ts
+++ b/apps/api/src/app/app.module.ts
@ -1,49 +1,72 @@
-import { join } from 'path';
+import { EventsModule } from '@ghostfolio/api/events/events.module';
+import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
+import { CronService } from '@ghostfolio/api/services/cron.service';
+import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
+import { DataGatheringModule } from '@ghostfolio/api/services/queues/data-gathering/data-gathering.module';
+import { PortfolioSnapshotQueueModule } from '@ghostfolio/api/services/queues/portfolio-snapshot/portfolio-snapshot.module';
+import { TwitterBotModule } from '@ghostfolio/api/services/twitter-bot/twitter-bot.module';
+import {
+  DEFAULT_LANGUAGE_CODE,
+  SUPPORTED_LANGUAGE_CODES
+} from '@ghostfolio/common/config';

 import { BullModule } from '@nestjs/bull';
-import { MiddlewareConsumer, Module, RequestMethod } from '@nestjs/common';
+import { Module } from '@nestjs/common';
 import { ConfigModule } from '@nestjs/config';
+import { EventEmitterModule } from '@nestjs/event-emitter';
 import { ScheduleModule } from '@nestjs/schedule';
 import { ServeStaticModule } from '@nestjs/serve-static';
+import { StatusCodes } from 'http-status-codes';
+import { join } from 'path';

-import { ConfigurationModule } from '../services/configuration.module';
-import { CronService } from '../services/cron.service';
-import { DataGatheringModule } from '../services/data-gathering.module';
-import { DataProviderModule } from '../services/data-provider/data-provider.module';
-import { ExchangeRateDataModule } from '../services/exchange-rate-data.module';
-import { PrismaModule } from '../services/prisma.module';
-import { TwitterBotModule } from '../services/twitter-bot/twitter-bot.module';
 import { AccessModule } from './access/access.module';
 import { AccountModule } from './account/account.module';
 import { AdminModule } from './admin/admin.module';
 import { AppController } from './app.controller';
+import { AssetModule } from './asset/asset.module';
 import { AuthDeviceModule } from './auth-device/auth-device.module';
 import { AuthModule } from './auth/auth.module';
-import { BenchmarkModule } from './benchmark/benchmark.module';
 import { CacheModule } from './cache/cache.module';
+import { AiModule } from './endpoints/ai/ai.module';
+import { ApiKeysModule } from './endpoints/api-keys/api-keys.module';
+import { BenchmarksModule } from './endpoints/benchmarks/benchmarks.module';
+import { GhostfolioModule } from './endpoints/data-providers/ghostfolio/ghostfolio.module';
+import { MarketDataModule } from './endpoints/market-data/market-data.module';
+import { PublicModule } from './endpoints/public/public.module';
+import { TagsModule } from './endpoints/tags/tags.module';
 import { ExchangeRateModule } from './exchange-rate/exchange-rate.module';
 import { ExportModule } from './export/export.module';
-import { FrontendMiddleware } from './frontend.middleware';
+import { HealthModule } from './health/health.module';
 import { ImportModule } from './import/import.module';
 import { InfoModule } from './info/info.module';
 import { LogoModule } from './logo/logo.module';
 import { OrderModule } from './order/order.module';
+import { PlatformModule } from './platform/platform.module';
 import { PortfolioModule } from './portfolio/portfolio.module';
 import { RedisCacheModule } from './redis-cache/redis-cache.module';
+import { SitemapModule } from './sitemap/sitemap.module';
 import { SubscriptionModule } from './subscription/subscription.module';
 import { SymbolModule } from './symbol/symbol.module';
 import { UserModule } from './user/user.module';

@Module({
+  controllers: [AppController],
  imports: [
    AdminModule,
    AccessModule,
    AccountModule,
+    AiModule,
+    ApiKeysModule,
+    AssetModule,
    AuthDeviceModule,
    AuthModule,
-    BenchmarkModule,
+    BenchmarksModule,
    BullModule.forRoot({
      redis: {
+        db: parseInt(process.env.REDIS_DB ?? '0', 10),
        host: process.env.REDIS_HOST,
        port: parseInt(process.env.REDIS_PORT ?? '6379', 10),
        password: process.env.REDIS_PASSWORD
@ -54,43 +77,57 @@ import { UserModule } from './user/user.module';
    ConfigurationModule,
    DataGatheringModule,
    DataProviderModule,
+    EventEmitterModule.forRoot(),
+    EventsModule,
    ExchangeRateModule,
    ExchangeRateDataModule,
    ExportModule,
+    GhostfolioModule,
+    HealthModule,
    ImportModule,
    InfoModule,
    LogoModule,
+    MarketDataModule,
    OrderModule,
+    PlatformModule,
    PortfolioModule,
+    PortfolioSnapshotQueueModule,
    PrismaModule,
+    PropertyModule,
+    PublicModule,
    RedisCacheModule,
    ScheduleModule.forRoot(),
    ServeStaticModule.forRoot({
-      serveStaticOptions: {
-        /*etag: false // Disable etag header to fix PWA
-        setHeaders: (res, path) => {
-          if (path.includes('ngsw.json')) {
-            // Disable cache (https://stackoverflow.com/questions/22632593/how-to-disable-webpage-caching-in-expressjs-nodejs/39775595)
-            // https://gertjans.home.xs4all.nl/javascript/cache-control.html#no-cache
-            res.set('Cache-Control', 'no-cache, no-store, must-revalidate');
-          }
-        }*/
-      },
+      exclude: ['/api*', '/sitemap.xml'],
      rootPath: join(__dirname, '..', 'client'),
-      exclude: ['/api*']
+      serveStaticOptions: {
+        setHeaders: (res) => {
+          if (res.req?.path === '/') {
+            let languageCode = DEFAULT_LANGUAGE_CODE;
+
+            try {
+              const code = res.req.headers['accept-language']
+                .split(',')[0]
+                .split('-')[0];
+
+              if (SUPPORTED_LANGUAGE_CODES.includes(code)) {
+                languageCode = code;
+              }
+            } catch {}
+
+            res.set('Location', `/${languageCode}`);
+            res.statusCode = StatusCodes.MOVED_PERMANENTLY;
+          }
+        }
+      }
    }),
+    SitemapModule,
    SubscriptionModule,
    SymbolModule,
+    TagsModule,
    TwitterBotModule,
    UserModule
  ],
-  controllers: [AppController],
  providers: [CronService]
 })
-export class AppModule {
-  configure(consumer: MiddlewareConsumer) {
-    consumer
-      .apply(FrontendMiddleware)
-      .forRoutes({ path: '*', method: RequestMethod.ALL });
-  }
-}
+export class AppModule {}
--- a/apps/api/src/app/asset/asset.controller.ts
+++ b/apps/api/src/app/asset/asset.controller.ts
@ -0,0 +1,29 @@
+import { AdminService } from '@ghostfolio/api/app/admin/admin.service';
+import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request/transform-data-source-in-request.interceptor';
+import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response/transform-data-source-in-response.interceptor';
+import type { AdminMarketDataDetails } from '@ghostfolio/common/interfaces';
+
+import { Controller, Get, Param, UseInterceptors } from '@nestjs/common';
+import { DataSource } from '@prisma/client';
+import { pick } from 'lodash';
+
+@Controller('asset')
+export class AssetController {
+  public constructor(private readonly adminService: AdminService) {}
+
+  @Get(':dataSource/:symbol')
+  @UseInterceptors(TransformDataSourceInRequestInterceptor)
+  @UseInterceptors(TransformDataSourceInResponseInterceptor)
+  public async getAsset(
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ): Promise<AdminMarketDataDetails> {
+    const { assetProfile, marketData } =
+      await this.adminService.getMarketDataBySymbol({ dataSource, symbol });
+
+    return {
+      marketData,
+      assetProfile: pick(assetProfile, ['dataSource', 'name', 'symbol'])
+    };
+  }
+}
--- a/apps/api/src/app/asset/asset.module.ts
+++ b/apps/api/src/app/asset/asset.module.ts
@ -0,0 +1,17 @@
+import { AdminModule } from '@ghostfolio/api/app/admin/admin.module';
+import { TransformDataSourceInRequestModule } from '@ghostfolio/api/interceptors/transform-data-source-in-request/transform-data-source-in-request.module';
+import { TransformDataSourceInResponseModule } from '@ghostfolio/api/interceptors/transform-data-source-in-response/transform-data-source-in-response.module';
+
+import { Module } from '@nestjs/common';
+
+import { AssetController } from './asset.controller';
+
+@Module({
+  controllers: [AssetController],
+  imports: [
+    AdminModule,
+    TransformDataSourceInRequestModule,
+    TransformDataSourceInResponseModule
+  ]
+})
+export class AssetModule {}
--- a/apps/api/src/app/auth-device/auth-device.controller.ts
+++ b/apps/api/src/app/auth-device/auth-device.controller.ts
@ -1,40 +1,19 @@
 import { AuthDeviceService } from '@ghostfolio/api/app/auth-device/auth-device.service';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
-import {
-  Controller,
-  Delete,
-  HttpException,
-  Inject,
-  Param,
-  UseGuards
-} from '@nestjs/common';
-import { REQUEST } from '@nestjs/core';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { permissions } from '@ghostfolio/common/permissions';
+
+import { Controller, Delete, Param, UseGuards } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
-import { StatusCodes, getReasonPhrase } from 'http-status-codes';

@Controller('auth-device')
 export class AuthDeviceController {
-  public constructor(
-    private readonly authDeviceService: AuthDeviceService,
-    @Inject(REQUEST) private readonly request: RequestWithUser
-  ) {}
+  public constructor(private readonly authDeviceService: AuthDeviceService) {}

  @Delete(':id')
-  @UseGuards(AuthGuard('jwt'))
+  @HasPermission(permissions.deleteAuthDevice)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async deleteAuthDevice(@Param('id') id: string): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.deleteAuthDevice
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
    await this.authDeviceService.deleteAuthDevice({ id });
  }
 }
--- a/apps/api/src/app/auth-device/auth-device.module.ts
+++ b/apps/api/src/app/auth-device/auth-device.module.ts
@ -1,14 +1,13 @@
 import { AuthDeviceController } from '@ghostfolio/api/app/auth-device/auth-device.controller';
 import { AuthDeviceService } from '@ghostfolio/api/app/auth-device/auth-device.service';
-import { ConfigurationModule } from '@ghostfolio/api/services/configuration.module';
-import { PrismaModule } from '@ghostfolio/api/services/prisma.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+
 import { Module } from '@nestjs/common';
 import { JwtModule } from '@nestjs/jwt';

@Module({
  controllers: [AuthDeviceController],
  imports: [
-    ConfigurationModule,
    JwtModule.register({
      secret: process.env.JWT_SECRET_KEY,
      signOptions: { expiresIn: '180 days' }
--- a/apps/api/src/app/auth-device/auth-device.service.ts
+++ b/apps/api/src/app/auth-device/auth-device.service.ts
@ -1,14 +1,11 @@
-import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
-import { PrismaService } from '@ghostfolio/api/services/prisma.service';
+import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
+
 import { Injectable } from '@nestjs/common';
 import { AuthDevice, Prisma } from '@prisma/client';

@Injectable()
 export class AuthDeviceService {
-  public constructor(
-    private readonly configurationService: ConfigurationService,
-    private readonly prismaService: PrismaService
-  ) {}
+  public constructor(private readonly prismaService: PrismaService) {}

  public async authDevice(
    where: Prisma.AuthDeviceWhereUniqueInput
--- a/apps/api/src/app/auth/api-key.strategy.ts
+++ b/apps/api/src/app/auth/api-key.strategy.ts
@ -0,0 +1,76 @@
+import { UserService } from '@ghostfolio/api/app/user/user.service';
+import { ApiKeyService } from '@ghostfolio/api/services/api-key/api-key.service';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
+import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
+import { HEADER_KEY_TOKEN } from '@ghostfolio/common/config';
+import { hasRole } from '@ghostfolio/common/permissions';
+
+import { HttpException, Injectable } from '@nestjs/common';
+import { PassportStrategy } from '@nestjs/passport';
+import { StatusCodes, getReasonPhrase } from 'http-status-codes';
+import { HeaderAPIKeyStrategy } from 'passport-headerapikey';
+
+@Injectable()
+export class ApiKeyStrategy extends PassportStrategy(
+  HeaderAPIKeyStrategy,
+  'api-key'
+) {
+  public constructor(
+    private readonly apiKeyService: ApiKeyService,
+    private readonly configurationService: ConfigurationService,
+    private readonly prismaService: PrismaService,
+    private readonly userService: UserService
+  ) {
+    super(
+      { header: HEADER_KEY_TOKEN, prefix: 'Api-Key ' },
+      true,
+      async (apiKey: string, done: (error: any, user?: any) => void) => {
+        try {
+          const user = await this.validateApiKey(apiKey);
+
+          if (this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION')) {
+            if (hasRole(user, 'INACTIVE')) {
+              throw new HttpException(
+                getReasonPhrase(StatusCodes.TOO_MANY_REQUESTS),
+                StatusCodes.TOO_MANY_REQUESTS
+              );
+            }
+
+            await this.prismaService.analytics.upsert({
+              create: { User: { connect: { id: user.id } } },
+              update: {
+                activityCount: { increment: 1 },
+                lastRequestAt: new Date()
+              },
+              where: { userId: user.id }
+            });
+          }
+
+          done(null, user);
+        } catch (error) {
+          done(error, null);
+        }
+      }
+    );
+  }
+
+  private async validateApiKey(apiKey: string) {
+    if (!apiKey) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.UNAUTHORIZED),
+        StatusCodes.UNAUTHORIZED
+      );
+    }
+
+    try {
+      const { id } = await this.apiKeyService.getUserByApiKey(apiKey);
+
+      return this.userService.user({ id });
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.UNAUTHORIZED),
+        StatusCodes.UNAUTHORIZED
+      );
+    }
+  }
+}
--- a/apps/api/src/app/auth/auth.controller.ts
+++ b/apps/api/src/app/auth/auth.controller.ts
@ -1,7 +1,9 @@
 import { WebAuthService } from '@ghostfolio/api/app/auth/web-auth.service';
-import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { DEFAULT_LANGUAGE_CODE } from '@ghostfolio/common/config';
 import { OAuthResponse } from '@ghostfolio/common/interfaces';
+
 import {
  Body,
  Controller,
@ -12,12 +14,12 @@ import {
  Req,
  Res,
  UseGuards,
-  VERSION_NEUTRAL,
-  Version
+  Version,
+  VERSION_NEUTRAL
 } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
 import { Request, Response } from 'express';
-import { StatusCodes, getReasonPhrase } from 'http-status-codes';
+import { getReasonPhrase, StatusCodes } from 'http-status-codes';

 import { AuthService } from './auth.service';
 import {
@ -33,13 +35,32 @@ export class AuthController {
    private readonly webAuthService: WebAuthService
  ) {}

+  /**
+   * @deprecated
+   */
  @Get('anonymous/:accessToken')
-  public async accessTokenLogin(
+  public async accessTokenLoginGet(
    @Param('accessToken') accessToken: string
+  ): Promise<OAuthResponse> {
+    try {
+      const authToken =
+        await this.authService.validateAnonymousLogin(accessToken);
+      return { authToken };
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.FORBIDDEN),
+        StatusCodes.FORBIDDEN
+      );
+    }
+  }
+
+  @Post('anonymous')
+  public async accessTokenLogin(
+    @Body() body: { accessToken: string }
  ): Promise<OAuthResponse> {
    try {
      const authToken = await this.authService.validateAnonymousLogin(
-        accessToken
+        body.accessToken
      );
      return { authToken };
    } catch {
@ -64,7 +85,7 @@ export class AuthController {
    @Res() response: Response
  ) {
    // Handles the Google OAuth2 callback
-    const jwt: string = (<any>request.user).jwt;
+    const jwt: string = (request.user as any).jwt;

    if (jwt) {
      response.redirect(
@ -81,13 +102,13 @@ export class AuthController {
    }
  }

-  @Get('internet-identity/:principalId')
+  @Post('internet-identity')
  public async internetIdentityLogin(
-    @Param('principalId') principalId: string
+    @Body() body: { principalId: string }
  ): Promise<OAuthResponse> {
    try {
      const authToken = await this.authService.validateInternetIdentityLogin(
-        principalId
+        body.principalId
      );
      return { authToken };
    } catch {
@ -99,20 +120,17 @@ export class AuthController {
  }

  @Get('webauthn/generate-registration-options')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async generateRegistrationOptions() {
    return this.webAuthService.generateRegistrationOptions();
  }

  @Post('webauthn/verify-attestation')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async verifyAttestation(
    @Body() body: { deviceName: string; credential: AttestationCredentialJSON }
  ) {
-    return this.webAuthService.verifyAttestation(
-      body.deviceName,
-      body.credential
-    );
+    return this.webAuthService.verifyAttestation(body.credential);
  }

  @Post('webauthn/generate-assertion-options')
--- a/apps/api/src/app/auth/auth.module.ts
+++ b/apps/api/src/app/auth/auth.module.ts
@ -2,12 +2,15 @@ import { AuthDeviceService } from '@ghostfolio/api/app/auth-device/auth-device.s
 import { WebAuthService } from '@ghostfolio/api/app/auth/web-auth.service';
 import { SubscriptionModule } from '@ghostfolio/api/app/subscription/subscription.module';
 import { UserModule } from '@ghostfolio/api/app/user/user.module';
-import { ConfigurationModule } from '@ghostfolio/api/services/configuration.module';
-import { PrismaModule } from '@ghostfolio/api/services/prisma.module';
+import { ApiKeyService } from '@ghostfolio/api/services/api-key/api-key.service';
+import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
 import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
+
 import { Module } from '@nestjs/common';
 import { JwtModule } from '@nestjs/jwt';

+import { ApiKeyStrategy } from './api-key.strategy';
 import { AuthController } from './auth.controller';
 import { AuthService } from './auth.service';
 import { GoogleStrategy } from './google.strategy';
@ -27,6 +30,8 @@ import { JwtStrategy } from './jwt.strategy';
    UserModule
  ],
  providers: [
+    ApiKeyService,
+    ApiKeyStrategy,
    AuthDeviceService,
    AuthService,
    GoogleStrategy,
--- a/apps/api/src/app/auth/auth.service.ts
+++ b/apps/api/src/app/auth/auth.service.ts
@ -1,6 +1,7 @@
 import { UserService } from '@ghostfolio/api/app/user/user.service';
-import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import { PropertyService } from '@ghostfolio/api/services/property/property.service';
+
 import { Injectable, InternalServerErrorException } from '@nestjs/common';
 import { JwtService } from '@nestjs/jwt';
 import { Provider } from '@prisma/client';
@ -55,7 +56,7 @@ export class AuthService {
        const isUserSignupEnabled =
          await this.propertyService.isUserSignupEnabled();

-        if (!isUserSignupEnabled) {
+        if (!isUserSignupEnabled || true) {
          throw new Error('Sign up forbidden');
        }

--- a/apps/api/src/app/auth/google.strategy.ts
+++ b/apps/api/src/app/auth/google.strategy.ts
@ -1,8 +1,9 @@
-import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
+
 import { Injectable, Logger } from '@nestjs/common';
 import { PassportStrategy } from '@nestjs/passport';
 import { Provider } from '@prisma/client';
-import { Strategy } from 'passport-google-oauth20';
+import { Profile, Strategy } from 'passport-google-oauth20';

 import { AuthService } from './auth.service';

@ -10,7 +11,7 @@ import { AuthService } from './auth.service';
 export class GoogleStrategy extends PassportStrategy(Strategy, 'google') {
  public constructor(
    private readonly authService: AuthService,
-    readonly configurationService: ConfigurationService
+    configurationService: ConfigurationService
  ) {
    super({
      callbackURL: `${configurationService.get(
@ -19,28 +20,24 @@ export class GoogleStrategy extends PassportStrategy(Strategy, 'google') {
      clientID: configurationService.get('GOOGLE_CLIENT_ID'),
      clientSecret: configurationService.get('GOOGLE_SECRET'),
      passReqToCallback: true,
-      scope: ['email', 'profile']
+      scope: ['profile']
    });
  }

  public async validate(
-    request: any,
-    token: string,
-    refreshToken: string,
-    profile,
-    done: Function,
-    done2: Function
+    _request: any,
+    _token: string,
+    _refreshToken: string,
+    profile: Profile,
+    done: Function
  ) {
    try {
-      const jwt: string = await this.authService.validateOAuthLogin({
+      const jwt = await this.authService.validateOAuthLogin({
        provider: Provider.GOOGLE,
        thirdPartyId: profile.id
      });
-      const user = {
-        jwt
-      };

-      done(null, user);
+      done(null, { jwt });
    } catch (error) {
      Logger.error(error, 'GoogleStrategy');
      done(error, false);
--- a/apps/api/src/app/auth/interfaces/interfaces.ts
+++ b/apps/api/src/app/auth/interfaces/interfaces.ts
@ -1,4 +1,5 @@
 import { AuthDeviceDto } from '@ghostfolio/api/app/auth-device/auth-device.dto';
+
 import { Provider } from '@prisma/client';

 export interface AuthDeviceDialogParams {
--- a/apps/api/src/app/auth/interfaces/simplewebauthn.ts
+++ b/apps/api/src/app/auth/interfaces/simplewebauthn.ts
@ -198,12 +198,12 @@ export interface AuthenticatorAssertionResponseJSON
 /**
 * A WebAuthn-compatible device and the information needed to verify assertions by it
 */
-export declare type AuthenticatorDevice = {
+export declare interface AuthenticatorDevice {
  credentialPublicKey: Buffer;
  credentialID: Buffer;
  counter: number;
  transports?: AuthenticatorTransport[];
-};
+}
 /**
 * An attempt to communicate that this isn't just any string, but a Base64URL-encoded string
 */
--- a/apps/api/src/app/auth/jwt.strategy.ts
+++ b/apps/api/src/app/auth/jwt.strategy.ts
@ -1,10 +1,13 @@
 import { UserService } from '@ghostfolio/api/app/user/user.service';
-import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
-import { PrismaService } from '@ghostfolio/api/services/prisma.service';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
+import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
 import { HEADER_KEY_TIMEZONE } from '@ghostfolio/common/config';
-import { Injectable, UnauthorizedException } from '@nestjs/common';
+import { hasRole } from '@ghostfolio/common/permissions';
+
+import { HttpException, Injectable } from '@nestjs/common';
 import { PassportStrategy } from '@nestjs/passport';
 import * as countriesAndTimezones from 'countries-and-timezones';
+import { StatusCodes, getReasonPhrase } from 'http-status-codes';
 import { ExtractJwt, Strategy } from 'passport-jwt';

@Injectable()
@ -28,6 +31,13 @@ export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {

      if (user) {
        if (this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION')) {
+          if (hasRole(user, 'INACTIVE')) {
+            throw new HttpException(
+              getReasonPhrase(StatusCodes.TOO_MANY_REQUESTS),
+              StatusCodes.TOO_MANY_REQUESTS
+            );
+          }
+
          const country =
            countriesAndTimezones.getCountryForTimezone(timezone)?.id;

@ -36,7 +46,7 @@ export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {
            update: {
              country,
              activityCount: { increment: 1 },
-              updatedAt: new Date()
+              lastRequestAt: new Date()
            },
            where: { userId: user.id }
          });
@ -44,10 +54,20 @@ export class JwtStrategy extends PassportStrategy(Strategy, 'jwt') {

        return user;
      } else {
-        throw '';
+        throw new HttpException(
+          getReasonPhrase(StatusCodes.NOT_FOUND),
+          StatusCodes.NOT_FOUND
+        );
+      }
+    } catch (error) {
+      if (error?.getStatus?.() === StatusCodes.TOO_MANY_REQUESTS) {
+        throw error;
+      } else {
+        throw new HttpException(
+          getReasonPhrase(StatusCodes.UNAUTHORIZED),
+          StatusCodes.UNAUTHORIZED
+        );
      }
-    } catch (err) {
-      throw new UnauthorizedException('unauthorized', err.message);
    }
  }
 }
--- a/apps/api/src/app/auth/web-auth.service.ts
+++ b/apps/api/src/app/auth/web-auth.service.ts
@ -1,8 +1,9 @@
 import { AuthDeviceDto } from '@ghostfolio/api/app/auth-device/auth-device.dto';
 import { AuthDeviceService } from '@ghostfolio/api/app/auth-device/auth-device.service';
 import { UserService } from '@ghostfolio/api/app/user/user.service';
-import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
 import type { RequestWithUser } from '@ghostfolio/common/types';
+
 import {
  Inject,
  Injectable,
@ -12,16 +13,16 @@ import {
 import { REQUEST } from '@nestjs/core';
 import { JwtService } from '@nestjs/jwt';
 import {
+  generateAuthenticationOptions,
  GenerateAuthenticationOptionsOpts,
+  generateRegistrationOptions,
  GenerateRegistrationOptionsOpts,
  VerifiedAuthenticationResponse,
  VerifiedRegistrationResponse,
-  VerifyAuthenticationResponseOpts,
-  VerifyRegistrationResponseOpts,
-  generateAuthenticationOptions,
-  generateRegistrationOptions,
  verifyAuthenticationResponse,
-  verifyRegistrationResponse
+  VerifyAuthenticationResponseOpts,
+  verifyRegistrationResponse,
+  VerifyRegistrationResponseOpts
 } from '@simplewebauthn/server';

 import {
@ -40,7 +41,7 @@ export class WebAuthService {
  ) {}

  get rpID() {
-    return this.configurationService.get('WEB_AUTH_RP_ID');
+    return new URL(this.configurationService.get('ROOT_URL')).hostname;
  }

  get expectedOrigin() {
@ -64,7 +65,7 @@ export class WebAuthService {
      }
    };

-    const options = generateRegistrationOptions(opts);
+    const options = await generateRegistrationOptions(opts);

    await this.userService.updateUser({
      data: {
@ -79,7 +80,6 @@ export class WebAuthService {
  }

  public async verifyAttestation(
-    deviceName: string,
    credential: AttestationCredentialJSON
  ): Promise<AuthDeviceDto> {
    const user = this.request.user;
@ -88,10 +88,16 @@ export class WebAuthService {
    let verification: VerifiedRegistrationResponse;
    try {
      const opts: VerifyRegistrationResponseOpts = {
-        credential,
        expectedChallenge,
        expectedOrigin: this.expectedOrigin,
-        expectedRPID: this.rpID
+        expectedRPID: this.rpID,
+        response: {
+          clientExtensionResults: credential.clientExtensionResults,
+          id: credential.id,
+          rawId: credential.rawId,
+          response: credential.response,
+          type: 'public-key'
+        }
      };
      verification = await verifyRegistrationResponse(opts);
    } catch (error) {
@ -117,8 +123,8 @@ export class WebAuthService {
         */
        existingDevice = await this.deviceService.createAuthDevice({
          counter,
-          credentialPublicKey,
-          credentialId: credentialID,
+          credentialId: Buffer.from(credentialID),
+          credentialPublicKey: Buffer.from(credentialPublicKey),
          User: { connect: { id: user.id } }
        });
      }
@ -152,7 +158,7 @@ export class WebAuthService {
      userVerification: 'preferred'
    };

-    const options = generateAuthenticationOptions(opts);
+    const options = await generateAuthenticationOptions(opts);

    await this.userService.updateUser({
      data: {
@ -181,7 +187,6 @@ export class WebAuthService {
    let verification: VerifiedAuthenticationResponse;
    try {
      const opts: VerifyAuthenticationResponseOpts = {
-        credential,
        authenticator: {
          credentialID: device.credentialId,
          credentialPublicKey: device.credentialPublicKey,
@ -189,9 +194,16 @@ export class WebAuthService {
        },
        expectedChallenge: `${user.authChallenge}`,
        expectedOrigin: this.expectedOrigin,
-        expectedRPID: this.rpID
+        expectedRPID: this.rpID,
+        response: {
+          clientExtensionResults: credential.clientExtensionResults,
+          id: credential.id,
+          rawId: credential.rawId,
+          response: credential.response,
+          type: 'public-key'
+        }
      };
-      verification = verifyAuthenticationResponse(opts);
+      verification = await verifyAuthenticationResponse(opts);
    } catch (error) {
      Logger.error(error, 'WebAuthService');
      throw new InternalServerErrorException({ error: error.message });
--- a/apps/api/src/app/benchmark/benchmark.controller.ts
+++ b/apps/api/src/app/benchmark/benchmark.controller.ts
@ -1,48 +0,0 @@
-import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request.interceptor';
-import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response.interceptor';
-import {
-  BenchmarkMarketDataDetails,
-  BenchmarkResponse
-} from '@ghostfolio/common/interfaces';
-import {
-  Controller,
-  Get,
-  Param,
-  UseGuards,
-  UseInterceptors
-} from '@nestjs/common';
-import { AuthGuard } from '@nestjs/passport';
-import { DataSource } from '@prisma/client';
-
-import { BenchmarkService } from './benchmark.service';
-
-@Controller('benchmark')
-export class BenchmarkController {
-  public constructor(private readonly benchmarkService: BenchmarkService) {}
-
-  @Get()
-  @UseInterceptors(TransformDataSourceInRequestInterceptor)
-  @UseInterceptors(TransformDataSourceInResponseInterceptor)
-  public async getBenchmark(): Promise<BenchmarkResponse> {
-    return {
-      benchmarks: await this.benchmarkService.getBenchmarks()
-    };
-  }
-
-  @Get(':dataSource/:symbol/:startDateString')
-  @UseGuards(AuthGuard('jwt'))
-  @UseInterceptors(TransformDataSourceInRequestInterceptor)
-  public async getBenchmarkMarketDataBySymbol(
-    @Param('dataSource') dataSource: DataSource,
-    @Param('startDateString') startDateString: string,
-    @Param('symbol') symbol: string
-  ): Promise<BenchmarkMarketDataDetails> {
-    const startDate = new Date(startDateString);
-
-    return this.benchmarkService.getMarketDataBySymbol({
-      dataSource,
-      startDate,
-      symbol
-    });
-  }
-}
--- a/apps/api/src/app/benchmark/benchmark.service.ts
+++ b/apps/api/src/app/benchmark/benchmark.service.ts
@ -1,210 +0,0 @@
-import { RedisCacheService } from '@ghostfolio/api/app/redis-cache/redis-cache.service';
-import { SymbolService } from '@ghostfolio/api/app/symbol/symbol.service';
-import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
-import { MarketDataService } from '@ghostfolio/api/services/market-data.service';
-import { PropertyService } from '@ghostfolio/api/services/property/property.service';
-import { SymbolProfileService } from '@ghostfolio/api/services/symbol-profile.service';
-import {
-  MAX_CHART_ITEMS,
-  PROPERTY_BENCHMARKS
-} from '@ghostfolio/common/config';
-import { DATE_FORMAT } from '@ghostfolio/common/helper';
-import {
-  BenchmarkMarketDataDetails,
-  BenchmarkResponse,
-  UniqueAsset
-} from '@ghostfolio/common/interfaces';
-import { Injectable } from '@nestjs/common';
-import { SymbolProfile } from '@prisma/client';
-import Big from 'big.js';
-import { format } from 'date-fns';
-import ms from 'ms';
-
-@Injectable()
-export class BenchmarkService {
-  private readonly CACHE_KEY_BENCHMARKS = 'BENCHMARKS';
-
-  public constructor(
-    private readonly dataProviderService: DataProviderService,
-    private readonly marketDataService: MarketDataService,
-    private readonly propertyService: PropertyService,
-    private readonly redisCacheService: RedisCacheService,
-    private readonly symbolProfileService: SymbolProfileService,
-    private readonly symbolService: SymbolService
-  ) {}
-
-  public calculateChangeInPercentage(baseValue: number, currentValue: number) {
-    if (baseValue && currentValue) {
-      return new Big(currentValue).div(baseValue).minus(1).toNumber();
-    }
-
-    return 0;
-  }
-
-  public async getBenchmarks({ useCache = true } = {}): Promise<
-    BenchmarkResponse['benchmarks']
-  > {
-    let benchmarks: BenchmarkResponse['benchmarks'];
-
-    if (useCache) {
-      try {
-        benchmarks = JSON.parse(
-          await this.redisCacheService.get(this.CACHE_KEY_BENCHMARKS)
-        );
-
-        if (benchmarks) {
-          return benchmarks;
-        }
-      } catch {}
-    }
-
-    const benchmarkAssetProfiles = await this.getBenchmarkAssetProfiles();
-
-    const promises: Promise<number>[] = [];
-
-    const quotes = await this.dataProviderService.getQuotes(
-      benchmarkAssetProfiles.map(({ dataSource, symbol }) => {
-        return { dataSource, symbol };
-      })
-    );
-
-    for (const { dataSource, symbol } of benchmarkAssetProfiles) {
-      promises.push(this.marketDataService.getMax({ dataSource, symbol }));
-    }
-
-    const allTimeHighs = await Promise.all(promises);
-    let storeInCache = true;
-
-    benchmarks = allTimeHighs.map((allTimeHigh, index) => {
-      const { marketPrice } =
-        quotes[benchmarkAssetProfiles[index].symbol] ?? {};
-
-      let performancePercentFromAllTimeHigh = 0;
-
-      if (allTimeHigh && marketPrice) {
-        performancePercentFromAllTimeHigh = this.calculateChangeInPercentage(
-          allTimeHigh,
-          marketPrice
-        );
-      } else {
-        storeInCache = false;
-      }
-
-      return {
-        marketCondition: this.getMarketCondition(
-          performancePercentFromAllTimeHigh
-        ),
-        name: benchmarkAssetProfiles[index].name,
-        performances: {
-          allTimeHigh: {
-            performancePercent: performancePercentFromAllTimeHigh
-          }
-        }
-      };
-    });
-
-    if (storeInCache) {
-      await this.redisCacheService.set(
-        this.CACHE_KEY_BENCHMARKS,
-        JSON.stringify(benchmarks),
-        ms('4 hours') / 1000
-      );
-    }
-
-    return benchmarks;
-  }
-
-  public async getBenchmarkAssetProfiles(): Promise<Partial<SymbolProfile>[]> {
-    const symbolProfileIds: string[] = (
-      ((await this.propertyService.getByKey(PROPERTY_BENCHMARKS)) as {
-        symbolProfileId: string;
-      }[]) ?? []
-    ).map(({ symbolProfileId }) => {
-      return symbolProfileId;
-    });
-
-    const assetProfiles =
-      await this.symbolProfileService.getSymbolProfilesByIds(symbolProfileIds);
-
-    return assetProfiles
-      .map(({ dataSource, id, name, symbol }) => {
-        return {
-          dataSource,
-          id,
-          name,
-          symbol
-        };
-      })
-      .sort((a, b) => a.name.localeCompare(b.name));
-  }
-
-  public async getMarketDataBySymbol({
-    dataSource,
-    startDate,
-    symbol
-  }: { startDate: Date } & UniqueAsset): Promise<BenchmarkMarketDataDetails> {
-    const [currentSymbolItem, marketDataItems] = await Promise.all([
-      this.symbolService.get({
-        dataGatheringItem: {
-          dataSource,
-          symbol
-        }
-      }),
-      this.marketDataService.marketDataItems({
-        orderBy: {
-          date: 'asc'
-        },
-        where: {
-          dataSource,
-          symbol,
-          date: {
-            gte: startDate
-          }
-        }
-      })
-    ]);
-
-    const step = Math.round(
-      marketDataItems.length / Math.min(marketDataItems.length, MAX_CHART_ITEMS)
-    );
-
-    const marketPriceAtStartDate = marketDataItems?.[0]?.marketPrice ?? 0;
-    const response = {
-      marketData: [
-        ...marketDataItems
-          .filter((marketDataItem, index) => {
-            return index % step === 0;
-          })
-          .map((marketDataItem) => {
-            return {
-              date: format(marketDataItem.date, DATE_FORMAT),
-              value:
-                marketPriceAtStartDate === 0
-                  ? 0
-                  : this.calculateChangeInPercentage(
-                      marketPriceAtStartDate,
-                      marketDataItem.marketPrice
-                    ) * 100
-            };
-          })
-      ]
-    };
-
-    if (currentSymbolItem?.marketPrice) {
-      response.marketData.push({
-        date: format(new Date(), DATE_FORMAT),
-        value:
-          this.calculateChangeInPercentage(
-            marketPriceAtStartDate,
-            currentSymbolItem.marketPrice
-          ) * 100
-      });
-    }
-
-    return response;
-  }
-
-  private getMarketCondition(aPerformanceInPercent: number) {
-    return aPerformanceInPercent <= -0.2 ? 'BEAR_MARKET' : 'NEUTRAL_MARKET';
-  }
-}
--- a/apps/api/src/app/cache/cache.controller.ts
+++ b/apps/api/src/app/cache/cache.controller.ts
@ -1,39 +1,19 @@
 import { RedisCacheService } from '@ghostfolio/api/app/redis-cache/redis-cache.service';
-import { hasPermission, permissions } from '@ghostfolio/common/permissions';
-import type { RequestWithUser } from '@ghostfolio/common/types';
-import {
-  Controller,
-  HttpException,
-  Inject,
-  Post,
-  UseGuards
-} from '@nestjs/common';
-import { REQUEST } from '@nestjs/core';
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { permissions } from '@ghostfolio/common/permissions';
+
+import { Controller, Post, UseGuards } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
-import { StatusCodes, getReasonPhrase } from 'http-status-codes';

@Controller('cache')
 export class CacheController {
-  public constructor(
-    private readonly redisCacheService: RedisCacheService,
-    @Inject(REQUEST) private readonly request: RequestWithUser
-  ) {}
+  public constructor(private readonly redisCacheService: RedisCacheService) {}

+  @HasPermission(permissions.accessAdminControl)
  @Post('flush')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async flushCache(): Promise<void> {
-    if (
-      !hasPermission(
-        this.request.user.permissions,
-        permissions.accessAdminControl
-      )
-    ) {
-      throw new HttpException(
-        getReasonPhrase(StatusCodes.FORBIDDEN),
-        StatusCodes.FORBIDDEN
-      );
-    }
-
-    return this.redisCacheService.reset();
+    await this.redisCacheService.reset();
  }
 }
--- a/apps/api/src/app/cache/cache.module.ts
+++ b/apps/api/src/app/cache/cache.module.ts
@ -1,24 +1,11 @@
 import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
-import { ConfigurationModule } from '@ghostfolio/api/services/configuration.module';
-import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering.module';
-import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
-import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data.module';
-import { PrismaModule } from '@ghostfolio/api/services/prisma.module';
-import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile.module';
+
 import { Module } from '@nestjs/common';

 import { CacheController } from './cache.controller';

@Module({
  controllers: [CacheController],
-  imports: [
-    ConfigurationModule,
-    DataGatheringModule,
-    DataProviderModule,
-    ExchangeRateDataModule,
-    PrismaModule,
-    RedisCacheModule,
-    SymbolProfileModule
-  ]
+  imports: [RedisCacheModule]
 })
 export class CacheModule {}
--- a/apps/api/src/app/endpoints/ai/ai.controller.ts
+++ b/apps/api/src/app/endpoints/ai/ai.controller.ts
@ -0,0 +1,42 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import {
+  DEFAULT_CURRENCY,
+  DEFAULT_LANGUAGE_CODE
+} from '@ghostfolio/common/config';
+import { AiPromptResponse } from '@ghostfolio/common/interfaces';
+import { permissions } from '@ghostfolio/common/permissions';
+import type { AiPromptMode, RequestWithUser } from '@ghostfolio/common/types';
+
+import { Controller, Get, Inject, Param, UseGuards } from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
+import { AuthGuard } from '@nestjs/passport';
+
+import { AiService } from './ai.service';
+
+@Controller('ai')
+export class AiController {
+  public constructor(
+    private readonly aiService: AiService,
+    @Inject(REQUEST) private readonly request: RequestWithUser
+  ) {}
+
+  @Get('prompt/:mode')
+  @HasPermission(permissions.readAiPrompt)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async getPrompt(
+    @Param('mode') mode: AiPromptMode
+  ): Promise<AiPromptResponse> {
+    const prompt = await this.aiService.getPrompt({
+      mode,
+      impersonationId: undefined,
+      languageCode:
+        this.request.user.Settings.settings.language ?? DEFAULT_LANGUAGE_CODE,
+      userCurrency:
+        this.request.user.Settings.settings.baseCurrency ?? DEFAULT_CURRENCY,
+      userId: this.request.user.id
+    });
+
+    return { prompt };
+  }
+}
--- a/apps/api/src/app/endpoints/ai/ai.module.ts
+++ b/apps/api/src/app/endpoints/ai/ai.module.ts
@ -0,0 +1,51 @@
+import { AccountBalanceService } from '@ghostfolio/api/app/account-balance/account-balance.service';
+import { AccountService } from '@ghostfolio/api/app/account/account.service';
+import { OrderModule } from '@ghostfolio/api/app/order/order.module';
+import { PortfolioCalculatorFactory } from '@ghostfolio/api/app/portfolio/calculator/portfolio-calculator.factory';
+import { CurrentRateService } from '@ghostfolio/api/app/portfolio/current-rate.service';
+import { PortfolioService } from '@ghostfolio/api/app/portfolio/portfolio.service';
+import { RulesService } from '@ghostfolio/api/app/portfolio/rules.service';
+import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
+import { UserModule } from '@ghostfolio/api/app/user/user.module';
+import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
+import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
+import { ImpersonationModule } from '@ghostfolio/api/services/impersonation/impersonation.module';
+import { MarketDataModule } from '@ghostfolio/api/services/market-data/market-data.module';
+import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+import { PortfolioSnapshotQueueModule } from '@ghostfolio/api/services/queues/portfolio-snapshot/portfolio-snapshot.module';
+import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+
+import { Module } from '@nestjs/common';
+
+import { AiController } from './ai.controller';
+import { AiService } from './ai.service';
+
+@Module({
+  controllers: [AiController],
+  imports: [
+    ConfigurationModule,
+    DataProviderModule,
+    ExchangeRateDataModule,
+    ImpersonationModule,
+    MarketDataModule,
+    OrderModule,
+    PortfolioSnapshotQueueModule,
+    PrismaModule,
+    RedisCacheModule,
+    SymbolProfileModule,
+    UserModule
+  ],
+  providers: [
+    AccountBalanceService,
+    AccountService,
+    AiService,
+    CurrentRateService,
+    MarketDataService,
+    PortfolioCalculatorFactory,
+    PortfolioService,
+    RulesService
+  ]
+})
+export class AiModule {}
--- a/apps/api/src/app/endpoints/ai/ai.service.ts
+++ b/apps/api/src/app/endpoints/ai/ai.service.ts
@ -0,0 +1,67 @@
+import { PortfolioService } from '@ghostfolio/api/app/portfolio/portfolio.service';
+import type { AiPromptMode } from '@ghostfolio/common/types';
+
+import { Injectable } from '@nestjs/common';
+
+@Injectable()
+export class AiService {
+  public constructor(private readonly portfolioService: PortfolioService) {}
+
+  public async getPrompt({
+    impersonationId,
+    languageCode,
+    mode,
+    userCurrency,
+    userId
+  }: {
+    impersonationId: string;
+    languageCode: string;
+    mode: AiPromptMode;
+    userCurrency: string;
+    userId: string;
+  }) {
+    const { holdings } = await this.portfolioService.getDetails({
+      impersonationId,
+      userId
+    });
+
+    const holdingsTable = [
+      '| Name | Symbol | Currency | Asset Class | Asset Sub Class | Allocation in Percentage |',
+      '| --- | --- | --- | --- | --- | --- |',
+      ...Object.values(holdings)
+        .sort((a, b) => {
+          return b.allocationInPercentage - a.allocationInPercentage;
+        })
+        .map(
+          ({
+            allocationInPercentage,
+            assetClass,
+            assetSubClass,
+            currency,
+            name,
+            symbol
+          }) => {
+            return `| ${name} | ${symbol} | ${currency} | ${assetClass} | ${assetSubClass} | ${(allocationInPercentage * 100).toFixed(3)}% |`;
+          }
+        )
+    ];
+
+    if (mode === 'portfolio') {
+      return holdingsTable.join('\n');
+    }
+
+    return [
+      `You are a neutral financial assistant. Please analyze the following investment portfolio (base currency being ${userCurrency}) in simple words.`,
+      ...holdingsTable,
+      'Structure your answer with these sections:',
+      'Overview: Briefly summarize the portfolio’s composition and allocation rationale.',
+      'Risk Assessment: Identify potential risks, including market volatility, concentration, and sectoral imbalances.',
+      'Advantages: Highlight strengths, focusing on growth potential, diversification, or other benefits.',
+      'Disadvantages: Point out weaknesses, such as overexposure or lack of defensive assets.',
+      'Target Group: Discuss who this portfolio might suit (e.g., risk tolerance, investment goals, life stages, and experience levels).',
+      'Optimization Ideas: Offer ideas to complement the portfolio, ensuring they are constructive and neutral in tone.',
+      'Conclusion: Provide a concise summary highlighting key insights.',
+      `Provide your answer in the following language: ${languageCode}.`
+    ].join('\n');
+  }
+}
--- a/apps/api/src/app/endpoints/api-keys/api-keys.controller.ts
+++ b/apps/api/src/app/endpoints/api-keys/api-keys.controller.ts
@ -0,0 +1,25 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { ApiKeyService } from '@ghostfolio/api/services/api-key/api-key.service';
+import { ApiKeyResponse } from '@ghostfolio/common/interfaces';
+import { permissions } from '@ghostfolio/common/permissions';
+import type { RequestWithUser } from '@ghostfolio/common/types';
+
+import { Controller, Inject, Post, UseGuards } from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
+import { AuthGuard } from '@nestjs/passport';
+
+@Controller('api-keys')
+export class ApiKeysController {
+  public constructor(
+    private readonly apiKeyService: ApiKeyService,
+    @Inject(REQUEST) private readonly request: RequestWithUser
+  ) {}
+
+  @HasPermission(permissions.createApiKey)
+  @Post()
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async createApiKey(): Promise<ApiKeyResponse> {
+    return this.apiKeyService.create({ userId: this.request.user.id });
+  }
+}
--- a/apps/api/src/app/endpoints/api-keys/api-keys.module.ts
+++ b/apps/api/src/app/endpoints/api-keys/api-keys.module.ts
@ -0,0 +1,11 @@
+import { ApiKeyModule } from '@ghostfolio/api/services/api-key/api-key.module';
+
+import { Module } from '@nestjs/common';
+
+import { ApiKeysController } from './api-keys.controller';
+
+@Module({
+  controllers: [ApiKeysController],
+  imports: [ApiKeyModule]
+})
+export class ApiKeysModule {}
--- a/apps/api/src/app/endpoints/benchmarks/benchmarks.controller.ts
+++ b/apps/api/src/app/endpoints/benchmarks/benchmarks.controller.ts
@ -0,0 +1,156 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request/transform-data-source-in-request.interceptor';
+import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response/transform-data-source-in-response.interceptor';
+import { ApiService } from '@ghostfolio/api/services/api/api.service';
+import { BenchmarkService } from '@ghostfolio/api/services/benchmark/benchmark.service';
+import { getIntervalFromDateRange } from '@ghostfolio/common/calculation-helper';
+import { HEADER_KEY_IMPERSONATION } from '@ghostfolio/common/config';
+import type {
+  AssetProfileIdentifier,
+  BenchmarkMarketDataDetails,
+  BenchmarkResponse
+} from '@ghostfolio/common/interfaces';
+import { permissions } from '@ghostfolio/common/permissions';
+import type { DateRange, RequestWithUser } from '@ghostfolio/common/types';
+
+import {
+  Body,
+  Controller,
+  Delete,
+  Get,
+  Headers,
+  HttpException,
+  Inject,
+  Param,
+  Post,
+  Query,
+  UseGuards,
+  UseInterceptors
+} from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
+import { AuthGuard } from '@nestjs/passport';
+import { DataSource } from '@prisma/client';
+import { StatusCodes, getReasonPhrase } from 'http-status-codes';
+
+import { BenchmarksService } from './benchmarks.service';
+
+@Controller('benchmarks')
+export class BenchmarksController {
+  public constructor(
+    private readonly apiService: ApiService,
+    private readonly benchmarkService: BenchmarkService,
+    private readonly benchmarksService: BenchmarksService,
+    @Inject(REQUEST) private readonly request: RequestWithUser
+  ) {}
+
+  @HasPermission(permissions.accessAdminControl)
+  @Post()
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async addBenchmark(
+    @Body() { dataSource, symbol }: AssetProfileIdentifier
+  ) {
+    try {
+      const benchmark = await this.benchmarkService.addBenchmark({
+        dataSource,
+        symbol
+      });
+
+      if (!benchmark) {
+        throw new HttpException(
+          getReasonPhrase(StatusCodes.NOT_FOUND),
+          StatusCodes.NOT_FOUND
+        );
+      }
+
+      return benchmark;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }
+
+  @Delete(':dataSource/:symbol')
+  @HasPermission(permissions.accessAdminControl)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async deleteBenchmark(
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ) {
+    try {
+      const benchmark = await this.benchmarkService.deleteBenchmark({
+        dataSource,
+        symbol
+      });
+
+      if (!benchmark) {
+        throw new HttpException(
+          getReasonPhrase(StatusCodes.NOT_FOUND),
+          StatusCodes.NOT_FOUND
+        );
+      }
+
+      return benchmark;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }
+
+  @Get()
+  @UseInterceptors(TransformDataSourceInRequestInterceptor)
+  @UseInterceptors(TransformDataSourceInResponseInterceptor)
+  public async getBenchmark(): Promise<BenchmarkResponse> {
+    return {
+      benchmarks: await this.benchmarkService.getBenchmarks()
+    };
+  }
+
+  @Get(':dataSource/:symbol/:startDateString')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  @UseInterceptors(TransformDataSourceInRequestInterceptor)
+  public async getBenchmarkMarketDataForUser(
+    @Headers(HEADER_KEY_IMPERSONATION.toLowerCase()) impersonationId: string,
+    @Param('dataSource') dataSource: DataSource,
+    @Param('startDateString') startDateString: string,
+    @Param('symbol') symbol: string,
+    @Query('range') dateRange: DateRange = 'max',
+    @Query('accounts') filterByAccounts?: string,
+    @Query('assetClasses') filterByAssetClasses?: string,
+    @Query('dataSource') filterByDataSource?: string,
+    @Query('symbol') filterBySymbol?: string,
+    @Query('tags') filterByTags?: string,
+    @Query('withExcludedAccounts') withExcludedAccountsParam = 'false'
+  ): Promise<BenchmarkMarketDataDetails> {
+    const { endDate, startDate } = getIntervalFromDateRange(
+      dateRange,
+      new Date(startDateString)
+    );
+
+    const filters = this.apiService.buildFiltersFromQueryParams({
+      filterByAccounts,
+      filterByAssetClasses,
+      filterByDataSource,
+      filterBySymbol,
+      filterByTags
+    });
+
+    const withExcludedAccounts = withExcludedAccountsParam === 'true';
+
+    return this.benchmarksService.getMarketDataForUser({
+      dataSource,
+      dateRange,
+      endDate,
+      filters,
+      impersonationId,
+      startDate,
+      symbol,
+      withExcludedAccounts,
+      user: this.request.user
+    });
+  }
+}
--- a/apps/api/src/app/endpoints/benchmarks/benchmarks.module.ts
+++ b/apps/api/src/app/endpoints/benchmarks/benchmarks.module.ts
@ -0,0 +1,63 @@
+import { AccountBalanceService } from '@ghostfolio/api/app/account-balance/account-balance.service';
+import { AccountService } from '@ghostfolio/api/app/account/account.service';
+import { OrderModule } from '@ghostfolio/api/app/order/order.module';
+import { PortfolioCalculatorFactory } from '@ghostfolio/api/app/portfolio/calculator/portfolio-calculator.factory';
+import { CurrentRateService } from '@ghostfolio/api/app/portfolio/current-rate.service';
+import { PortfolioService } from '@ghostfolio/api/app/portfolio/portfolio.service';
+import { RulesService } from '@ghostfolio/api/app/portfolio/rules.service';
+import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
+import { SymbolModule } from '@ghostfolio/api/app/symbol/symbol.module';
+import { UserModule } from '@ghostfolio/api/app/user/user.module';
+import { TransformDataSourceInRequestModule } from '@ghostfolio/api/interceptors/transform-data-source-in-request/transform-data-source-in-request.module';
+import { TransformDataSourceInResponseModule } from '@ghostfolio/api/interceptors/transform-data-source-in-response/transform-data-source-in-response.module';
+import { ApiModule } from '@ghostfolio/api/services/api/api.module';
+import { BenchmarkService } from '@ghostfolio/api/services/benchmark/benchmark.service';
+import { ConfigurationModule } from '@ghostfolio/api/services/configuration/configuration.module';
+import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
+import { ImpersonationModule } from '@ghostfolio/api/services/impersonation/impersonation.module';
+import { MarketDataModule } from '@ghostfolio/api/services/market-data/market-data.module';
+import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
+import { PortfolioSnapshotQueueModule } from '@ghostfolio/api/services/queues/portfolio-snapshot/portfolio-snapshot.module';
+import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+
+import { Module } from '@nestjs/common';
+
+import { BenchmarksController } from './benchmarks.controller';
+import { BenchmarksService } from './benchmarks.service';
+
+@Module({
+  controllers: [BenchmarksController],
+  imports: [
+    ApiModule,
+    ConfigurationModule,
+    DataProviderModule,
+    ExchangeRateDataModule,
+    ImpersonationModule,
+    MarketDataModule,
+    OrderModule,
+    PortfolioSnapshotQueueModule,
+    PrismaModule,
+    PropertyModule,
+    RedisCacheModule,
+    SymbolModule,
+    SymbolProfileModule,
+    TransformDataSourceInRequestModule,
+    TransformDataSourceInResponseModule,
+    UserModule
+  ],
+  providers: [
+    AccountBalanceService,
+    AccountService,
+    BenchmarkService,
+    BenchmarksService,
+    CurrentRateService,
+    MarketDataService,
+    PortfolioCalculatorFactory,
+    PortfolioService,
+    RulesService
+  ]
+})
+export class BenchmarksModule {}
--- a/apps/api/src/app/endpoints/benchmarks/benchmarks.service.ts
+++ b/apps/api/src/app/endpoints/benchmarks/benchmarks.service.ts
@ -0,0 +1,163 @@
+import { PortfolioService } from '@ghostfolio/api/app/portfolio/portfolio.service';
+import { SymbolService } from '@ghostfolio/api/app/symbol/symbol.service';
+import { BenchmarkService } from '@ghostfolio/api/services/benchmark/benchmark.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
+import { DATE_FORMAT, parseDate, resetHours } from '@ghostfolio/common/helper';
+import {
+  AssetProfileIdentifier,
+  BenchmarkMarketDataDetails,
+  Filter
+} from '@ghostfolio/common/interfaces';
+import { DateRange, UserWithSettings } from '@ghostfolio/common/types';
+
+import { Injectable, Logger } from '@nestjs/common';
+import { format, isSameDay } from 'date-fns';
+import { isNumber } from 'lodash';
+
+@Injectable()
+export class BenchmarksService {
+  public constructor(
+    private readonly benchmarkService: BenchmarkService,
+    private readonly exchangeRateDataService: ExchangeRateDataService,
+    private readonly marketDataService: MarketDataService,
+    private readonly portfolioService: PortfolioService,
+    private readonly symbolService: SymbolService
+  ) {}
+
+  public async getMarketDataForUser({
+    dataSource,
+    dateRange,
+    endDate = new Date(),
+    filters,
+    impersonationId,
+    startDate,
+    symbol,
+    user,
+    withExcludedAccounts
+  }: {
+    dateRange: DateRange;
+    endDate?: Date;
+    filters?: Filter[];
+    impersonationId: string;
+    startDate: Date;
+    user: UserWithSettings;
+    withExcludedAccounts?: boolean;
+  } & AssetProfileIdentifier): Promise<BenchmarkMarketDataDetails> {
+    const marketData: { date: string; value: number }[] = [];
+    const userCurrency = user.Settings.settings.baseCurrency;
+    const userId = user.id;
+
+    const { chart } = await this.portfolioService.getPerformance({
+      dateRange,
+      filters,
+      impersonationId,
+      userId,
+      withExcludedAccounts
+    });
+
+    const [currentSymbolItem, marketDataItems] = await Promise.all([
+      this.symbolService.get({
+        dataGatheringItem: {
+          dataSource,
+          symbol
+        }
+      }),
+      this.marketDataService.marketDataItems({
+        orderBy: {
+          date: 'asc'
+        },
+        where: {
+          dataSource,
+          symbol,
+          date: {
+            in: chart.map(({ date }) => {
+              return resetHours(parseDate(date));
+            })
+          }
+        }
+      })
+    ]);
+
+    const exchangeRates =
+      await this.exchangeRateDataService.getExchangeRatesByCurrency({
+        startDate,
+        currencies: [currentSymbolItem.currency],
+        targetCurrency: userCurrency
+      });
+
+    const exchangeRateAtStartDate =
+      exchangeRates[`${currentSymbolItem.currency}${userCurrency}`]?.[
+        format(startDate, DATE_FORMAT)
+      ];
+
+    const marketPriceAtStartDate = marketDataItems?.find(({ date }) => {
+      return isSameDay(date, startDate);
+    })?.marketPrice;
+
+    if (!marketPriceAtStartDate) {
+      Logger.error(
+        `No historical market data has been found for ${symbol} (${dataSource}) at ${format(
+          startDate,
+          DATE_FORMAT
+        )}`,
+        'BenchmarkService'
+      );
+
+      return { marketData };
+    }
+
+    for (const marketDataItem of marketDataItems) {
+      const exchangeRate =
+        exchangeRates[`${currentSymbolItem.currency}${userCurrency}`]?.[
+          format(marketDataItem.date, DATE_FORMAT)
+        ];
+
+      const exchangeRateFactor =
+        isNumber(exchangeRateAtStartDate) && isNumber(exchangeRate)
+          ? exchangeRate / exchangeRateAtStartDate
+          : 1;
+
+      marketData.push({
+        date: format(marketDataItem.date, DATE_FORMAT),
+        value:
+          marketPriceAtStartDate === 0
+            ? 0
+            : this.benchmarkService.calculateChangeInPercentage(
+                marketPriceAtStartDate,
+                marketDataItem.marketPrice * exchangeRateFactor
+              ) * 100
+      });
+    }
+
+    const includesEndDate = isSameDay(
+      parseDate(marketData.at(-1).date),
+      endDate
+    );
+
+    if (currentSymbolItem?.marketPrice && !includesEndDate) {
+      const exchangeRate =
+        exchangeRates[`${currentSymbolItem.currency}${userCurrency}`]?.[
+          format(endDate, DATE_FORMAT)
+        ];
+
+      const exchangeRateFactor =
+        isNumber(exchangeRateAtStartDate) && isNumber(exchangeRate)
+          ? exchangeRate / exchangeRateAtStartDate
+          : 1;
+
+      marketData.push({
+        date: format(endDate, DATE_FORMAT),
+        value:
+          this.benchmarkService.calculateChangeInPercentage(
+            marketPriceAtStartDate,
+            currentSymbolItem.marketPrice * exchangeRateFactor
+          ) * 100
+      });
+    }
+
+    return {
+      marketData
+    };
+  }
+}
--- a/apps/api/src/app/endpoints/data-providers/ghostfolio/get-dividends.dto.ts
+++ b/apps/api/src/app/endpoints/data-providers/ghostfolio/get-dividends.dto.ts
@ -0,0 +1,15 @@
+import { Granularity } from '@ghostfolio/common/types';
+
+import { IsIn, IsISO8601, IsOptional } from 'class-validator';
+
+export class GetDividendsDto {
+  @IsISO8601()
+  from: string;
+
+  @IsIn(['day', 'month'] as Granularity[])
+  @IsOptional()
+  granularity: Granularity;
+
+  @IsISO8601()
+  to: string;
+}
--- a/apps/api/src/app/endpoints/data-providers/ghostfolio/get-historical.dto.ts
+++ b/apps/api/src/app/endpoints/data-providers/ghostfolio/get-historical.dto.ts
@ -0,0 +1,15 @@
+import { Granularity } from '@ghostfolio/common/types';
+
+import { IsIn, IsISO8601, IsOptional } from 'class-validator';
+
+export class GetHistoricalDto {
+  @IsISO8601()
+  from: string;
+
+  @IsIn(['day', 'month'] as Granularity[])
+  @IsOptional()
+  granularity: Granularity;
+
+  @IsISO8601()
+  to: string;
+}
--- a/apps/api/src/app/endpoints/data-providers/ghostfolio/get-quotes.dto.ts
+++ b/apps/api/src/app/endpoints/data-providers/ghostfolio/get-quotes.dto.ts
@ -0,0 +1,10 @@
+import { Transform } from 'class-transformer';
+import { IsString } from 'class-validator';
+
+export class GetQuotesDto {
+  @IsString({ each: true })
+  @Transform(({ value }) =>
+    typeof value === 'string' ? value.split(',') : value
+  )
+  symbols: string[];
+}
--- a/apps/api/src/app/endpoints/data-providers/ghostfolio/ghostfolio.controller.ts
+++ b/apps/api/src/app/endpoints/data-providers/ghostfolio/ghostfolio.controller.ts
@ -0,0 +1,375 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { parseDate } from '@ghostfolio/common/helper';
+import {
+  DataProviderGhostfolioStatusResponse,
+  DividendsResponse,
+  HistoricalResponse,
+  LookupResponse,
+  QuotesResponse
+} from '@ghostfolio/common/interfaces';
+import { permissions } from '@ghostfolio/common/permissions';
+import { RequestWithUser } from '@ghostfolio/common/types';
+
+import {
+  Controller,
+  Get,
+  HttpException,
+  Inject,
+  Param,
+  Query,
+  UseGuards,
+  Version
+} from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
+import { AuthGuard } from '@nestjs/passport';
+import { getReasonPhrase, StatusCodes } from 'http-status-codes';
+
+import { GetDividendsDto } from './get-dividends.dto';
+import { GetHistoricalDto } from './get-historical.dto';
+import { GetQuotesDto } from './get-quotes.dto';
+import { GhostfolioService } from './ghostfolio.service';
+
+@Controller('data-providers/ghostfolio')
+export class GhostfolioController {
+  public constructor(
+    private readonly ghostfolioService: GhostfolioService,
+    @Inject(REQUEST) private readonly request: RequestWithUser
+  ) {}
+
+  /**
+   * @deprecated
+   */
+  @Get('dividends/:symbol')
+  @HasPermission(permissions.enableDataProviderGhostfolio)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async getDividendsV1(
+    @Param('symbol') symbol: string,
+    @Query() query: GetDividendsDto
+  ): Promise<DividendsResponse> {
+    const maxDailyRequests = await this.ghostfolioService.getMaxDailyRequests();
+
+    if (
+      this.request.user.dataProviderGhostfolioDailyRequests > maxDailyRequests
+    ) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.TOO_MANY_REQUESTS),
+        StatusCodes.TOO_MANY_REQUESTS
+      );
+    }
+
+    try {
+      const dividends = await this.ghostfolioService.getDividends({
+        symbol,
+        from: parseDate(query.from),
+        granularity: query.granularity,
+        to: parseDate(query.to)
+      });
+
+      await this.ghostfolioService.incrementDailyRequests({
+        userId: this.request.user.id
+      });
+
+      return dividends;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }
+
+  @Get('dividends/:symbol')
+  @HasPermission(permissions.enableDataProviderGhostfolio)
+  @UseGuards(AuthGuard('api-key'), HasPermissionGuard)
+  @Version('2')
+  public async getDividends(
+    @Param('symbol') symbol: string,
+    @Query() query: GetDividendsDto
+  ): Promise<DividendsResponse> {
+    const maxDailyRequests = await this.ghostfolioService.getMaxDailyRequests();
+
+    if (
+      this.request.user.dataProviderGhostfolioDailyRequests > maxDailyRequests
+    ) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.TOO_MANY_REQUESTS),
+        StatusCodes.TOO_MANY_REQUESTS
+      );
+    }
+
+    try {
+      const dividends = await this.ghostfolioService.getDividends({
+        symbol,
+        from: parseDate(query.from),
+        granularity: query.granularity,
+        to: parseDate(query.to)
+      });
+
+      await this.ghostfolioService.incrementDailyRequests({
+        userId: this.request.user.id
+      });
+
+      return dividends;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }
+
+  /**
+   * @deprecated
+   */
+  @Get('historical/:symbol')
+  @HasPermission(permissions.enableDataProviderGhostfolio)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async getHistoricalV1(
+    @Param('symbol') symbol: string,
+    @Query() query: GetHistoricalDto
+  ): Promise<HistoricalResponse> {
+    const maxDailyRequests = await this.ghostfolioService.getMaxDailyRequests();
+
+    if (
+      this.request.user.dataProviderGhostfolioDailyRequests > maxDailyRequests
+    ) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.TOO_MANY_REQUESTS),
+        StatusCodes.TOO_MANY_REQUESTS
+      );
+    }
+
+    try {
+      const historicalData = await this.ghostfolioService.getHistorical({
+        symbol,
+        from: parseDate(query.from),
+        granularity: query.granularity,
+        to: parseDate(query.to)
+      });
+
+      await this.ghostfolioService.incrementDailyRequests({
+        userId: this.request.user.id
+      });
+
+      return historicalData;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }
+
+  @Get('historical/:symbol')
+  @HasPermission(permissions.enableDataProviderGhostfolio)
+  @UseGuards(AuthGuard('api-key'), HasPermissionGuard)
+  @Version('2')
+  public async getHistorical(
+    @Param('symbol') symbol: string,
+    @Query() query: GetHistoricalDto
+  ): Promise<HistoricalResponse> {
+    const maxDailyRequests = await this.ghostfolioService.getMaxDailyRequests();
+
+    if (
+      this.request.user.dataProviderGhostfolioDailyRequests > maxDailyRequests
+    ) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.TOO_MANY_REQUESTS),
+        StatusCodes.TOO_MANY_REQUESTS
+      );
+    }
+
+    try {
+      const historicalData = await this.ghostfolioService.getHistorical({
+        symbol,
+        from: parseDate(query.from),
+        granularity: query.granularity,
+        to: parseDate(query.to)
+      });
+
+      await this.ghostfolioService.incrementDailyRequests({
+        userId: this.request.user.id
+      });
+
+      return historicalData;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }
+
+  /**
+   * @deprecated
+   */
+  @Get('lookup')
+  @HasPermission(permissions.enableDataProviderGhostfolio)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async lookupSymbolV1(
+    @Query('includeIndices') includeIndicesParam = 'false',
+    @Query('query') query = ''
+  ): Promise<LookupResponse> {
+    const includeIndices = includeIndicesParam === 'true';
+    const maxDailyRequests = await this.ghostfolioService.getMaxDailyRequests();
+
+    if (
+      this.request.user.dataProviderGhostfolioDailyRequests > maxDailyRequests
+    ) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.TOO_MANY_REQUESTS),
+        StatusCodes.TOO_MANY_REQUESTS
+      );
+    }
+
+    try {
+      const result = await this.ghostfolioService.lookup({
+        includeIndices,
+        query: query.toLowerCase()
+      });
+
+      await this.ghostfolioService.incrementDailyRequests({
+        userId: this.request.user.id
+      });
+
+      return result;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }
+
+  @Get('lookup')
+  @HasPermission(permissions.enableDataProviderGhostfolio)
+  @UseGuards(AuthGuard('api-key'), HasPermissionGuard)
+  @Version('2')
+  public async lookupSymbol(
+    @Query('includeIndices') includeIndicesParam = 'false',
+    @Query('query') query = ''
+  ): Promise<LookupResponse> {
+    const includeIndices = includeIndicesParam === 'true';
+    const maxDailyRequests = await this.ghostfolioService.getMaxDailyRequests();
+
+    if (
+      this.request.user.dataProviderGhostfolioDailyRequests > maxDailyRequests
+    ) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.TOO_MANY_REQUESTS),
+        StatusCodes.TOO_MANY_REQUESTS
+      );
+    }
+
+    try {
+      const result = await this.ghostfolioService.lookup({
+        includeIndices,
+        query: query.toLowerCase()
+      });
+
+      await this.ghostfolioService.incrementDailyRequests({
+        userId: this.request.user.id
+      });
+
+      return result;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }
+
+  /**
+   * @deprecated
+   */
+  @Get('quotes')
+  @HasPermission(permissions.enableDataProviderGhostfolio)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async getQuotesV1(
+    @Query() query: GetQuotesDto
+  ): Promise<QuotesResponse> {
+    const maxDailyRequests = await this.ghostfolioService.getMaxDailyRequests();
+
+    if (
+      this.request.user.dataProviderGhostfolioDailyRequests > maxDailyRequests
+    ) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.TOO_MANY_REQUESTS),
+        StatusCodes.TOO_MANY_REQUESTS
+      );
+    }
+
+    try {
+      const quotes = await this.ghostfolioService.getQuotes({
+        symbols: query.symbols
+      });
+
+      await this.ghostfolioService.incrementDailyRequests({
+        userId: this.request.user.id
+      });
+
+      return quotes;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }
+
+  @Get('quotes')
+  @HasPermission(permissions.enableDataProviderGhostfolio)
+  @UseGuards(AuthGuard('api-key'), HasPermissionGuard)
+  @Version('2')
+  public async getQuotes(
+    @Query() query: GetQuotesDto
+  ): Promise<QuotesResponse> {
+    const maxDailyRequests = await this.ghostfolioService.getMaxDailyRequests();
+
+    if (
+      this.request.user.dataProviderGhostfolioDailyRequests > maxDailyRequests
+    ) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.TOO_MANY_REQUESTS),
+        StatusCodes.TOO_MANY_REQUESTS
+      );
+    }
+
+    try {
+      const quotes = await this.ghostfolioService.getQuotes({
+        symbols: query.symbols
+      });
+
+      await this.ghostfolioService.incrementDailyRequests({
+        userId: this.request.user.id
+      });
+
+      return quotes;
+    } catch {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.INTERNAL_SERVER_ERROR),
+        StatusCodes.INTERNAL_SERVER_ERROR
+      );
+    }
+  }
+
+  /**
+   * @deprecated
+   */
+  @Get('status')
+  @HasPermission(permissions.enableDataProviderGhostfolio)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async getStatusV1(): Promise<DataProviderGhostfolioStatusResponse> {
+    return this.ghostfolioService.getStatus({ user: this.request.user });
+  }
+
+  @Get('status')
+  @HasPermission(permissions.enableDataProviderGhostfolio)
+  @UseGuards(AuthGuard('api-key'), HasPermissionGuard)
+  @Version('2')
+  public async getStatus(): Promise<DataProviderGhostfolioStatusResponse> {
+    return this.ghostfolioService.getStatus({ user: this.request.user });
+  }
+}
--- a/apps/api/src/app/endpoints/data-providers/ghostfolio/ghostfolio.module.ts
+++ b/apps/api/src/app/endpoints/data-providers/ghostfolio/ghostfolio.module.ts
@ -0,0 +1,83 @@
+import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
+import { CryptocurrencyModule } from '@ghostfolio/api/services/cryptocurrency/cryptocurrency.module';
+import { AlphaVantageService } from '@ghostfolio/api/services/data-provider/alpha-vantage/alpha-vantage.service';
+import { CoinGeckoService } from '@ghostfolio/api/services/data-provider/coingecko/coingecko.service';
+import { YahooFinanceDataEnhancerService } from '@ghostfolio/api/services/data-provider/data-enhancer/yahoo-finance/yahoo-finance.service';
+import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
+import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
+import { EodHistoricalDataService } from '@ghostfolio/api/services/data-provider/eod-historical-data/eod-historical-data.service';
+import { FinancialModelingPrepService } from '@ghostfolio/api/services/data-provider/financial-modeling-prep/financial-modeling-prep.service';
+import { GoogleSheetsService } from '@ghostfolio/api/services/data-provider/google-sheets/google-sheets.service';
+import { ManualService } from '@ghostfolio/api/services/data-provider/manual/manual.service';
+import { RapidApiService } from '@ghostfolio/api/services/data-provider/rapid-api/rapid-api.service';
+import { YahooFinanceService } from '@ghostfolio/api/services/data-provider/yahoo-finance/yahoo-finance.service';
+import { MarketDataModule } from '@ghostfolio/api/services/market-data/market-data.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
+import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+
+import { Module } from '@nestjs/common';
+
+import { GhostfolioController } from './ghostfolio.controller';
+import { GhostfolioService } from './ghostfolio.service';
+
+@Module({
+  controllers: [GhostfolioController],
+  imports: [
+    CryptocurrencyModule,
+    DataProviderModule,
+    MarketDataModule,
+    PrismaModule,
+    PropertyModule,
+    RedisCacheModule,
+    SymbolProfileModule
+  ],
+  providers: [
+    AlphaVantageService,
+    CoinGeckoService,
+    ConfigurationService,
+    DataProviderService,
+    EodHistoricalDataService,
+    FinancialModelingPrepService,
+    GhostfolioService,
+    GoogleSheetsService,
+    ManualService,
+    RapidApiService,
+    YahooFinanceService,
+    YahooFinanceDataEnhancerService,
+    {
+      inject: [
+        AlphaVantageService,
+        CoinGeckoService,
+        EodHistoricalDataService,
+        FinancialModelingPrepService,
+        GoogleSheetsService,
+        ManualService,
+        RapidApiService,
+        YahooFinanceService
+      ],
+      provide: 'DataProviderInterfaces',
+      useFactory: (
+        alphaVantageService,
+        coinGeckoService,
+        eodHistoricalDataService,
+        financialModelingPrepService,
+        googleSheetsService,
+        manualService,
+        rapidApiService,
+        yahooFinanceService
+      ) => [
+        alphaVantageService,
+        coinGeckoService,
+        eodHistoricalDataService,
+        financialModelingPrepService,
+        googleSheetsService,
+        manualService,
+        rapidApiService,
+        yahooFinanceService
+      ]
+    }
+  ]
+})
+export class GhostfolioModule {}
--- a/apps/api/src/app/endpoints/data-providers/ghostfolio/ghostfolio.service.ts
+++ b/apps/api/src/app/endpoints/data-providers/ghostfolio/ghostfolio.service.ts
@ -0,0 +1,303 @@
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
+import { DataProviderService } from '@ghostfolio/api/services/data-provider/data-provider.service';
+import {
+  GetDividendsParams,
+  GetHistoricalParams,
+  GetQuotesParams,
+  GetSearchParams
+} from '@ghostfolio/api/services/data-provider/interfaces/data-provider.interface';
+import { IDataProviderHistoricalResponse } from '@ghostfolio/api/services/interfaces/interfaces';
+import { PrismaService } from '@ghostfolio/api/services/prisma/prisma.service';
+import { PropertyService } from '@ghostfolio/api/services/property/property.service';
+import {
+  DEFAULT_CURRENCY,
+  DERIVED_CURRENCIES
+} from '@ghostfolio/common/config';
+import { PROPERTY_DATA_SOURCES_GHOSTFOLIO_DATA_PROVIDER_MAX_REQUESTS } from '@ghostfolio/common/config';
+import {
+  DataProviderInfo,
+  DividendsResponse,
+  HistoricalResponse,
+  LookupItem,
+  LookupResponse,
+  QuotesResponse
+} from '@ghostfolio/common/interfaces';
+import { UserWithSettings } from '@ghostfolio/common/types';
+
+import { Injectable, Logger } from '@nestjs/common';
+import { DataSource } from '@prisma/client';
+import { Big } from 'big.js';
+
+@Injectable()
+export class GhostfolioService {
+  public constructor(
+    private readonly configurationService: ConfigurationService,
+    private readonly dataProviderService: DataProviderService,
+    private readonly prismaService: PrismaService,
+    private readonly propertyService: PropertyService
+  ) {}
+
+  public async getDividends({
+    from,
+    granularity,
+    requestTimeout = this.configurationService.get('REQUEST_TIMEOUT'),
+    symbol,
+    to
+  }: GetDividendsParams) {
+    const result: DividendsResponse = { dividends: {} };
+
+    try {
+      const promises: Promise<{
+        [date: string]: IDataProviderHistoricalResponse;
+      }>[] = [];
+
+      for (const dataProviderService of this.getDataProviderServices()) {
+        promises.push(
+          dataProviderService
+            .getDividends({
+              from,
+              granularity,
+              requestTimeout,
+              symbol,
+              to
+            })
+            .then((dividends) => {
+              result.dividends = dividends;
+
+              return dividends;
+            })
+        );
+      }
+
+      await Promise.all(promises);
+
+      return result;
+    } catch (error) {
+      Logger.error(error, 'GhostfolioService');
+
+      throw error;
+    }
+  }
+
+  public async getHistorical({
+    from,
+    granularity,
+    requestTimeout,
+    to,
+    symbol
+  }: GetHistoricalParams) {
+    const result: HistoricalResponse = { historicalData: {} };
+
+    try {
+      const promises: Promise<{
+        [symbol: string]: { [date: string]: IDataProviderHistoricalResponse };
+      }>[] = [];
+
+      for (const dataProviderService of this.getDataProviderServices()) {
+        promises.push(
+          dataProviderService
+            .getHistorical({
+              from,
+              granularity,
+              requestTimeout,
+              symbol,
+              to
+            })
+            .then((historicalData) => {
+              result.historicalData = historicalData[symbol];
+
+              return historicalData;
+            })
+        );
+      }
+
+      await Promise.all(promises);
+
+      return result;
+    } catch (error) {
+      Logger.error(error, 'GhostfolioService');
+
+      throw error;
+    }
+  }
+
+  public async getMaxDailyRequests() {
+    return parseInt(
+      ((await this.propertyService.getByKey(
+        PROPERTY_DATA_SOURCES_GHOSTFOLIO_DATA_PROVIDER_MAX_REQUESTS
+      )) as string) || '0',
+      10
+    );
+  }
+
+  public async getQuotes({ requestTimeout, symbols }: GetQuotesParams) {
+    const results: QuotesResponse = { quotes: {} };
+
+    try {
+      const promises: Promise<any>[] = [];
+
+      for (const dataProvider of this.getDataProviderServices()) {
+        const maximumNumberOfSymbolsPerRequest =
+          dataProvider.getMaxNumberOfSymbolsPerRequest?.() ??
+          Number.MAX_SAFE_INTEGER;
+
+        for (
+          let i = 0;
+          i < symbols.length;
+          i += maximumNumberOfSymbolsPerRequest
+        ) {
+          const symbolsChunk = symbols.slice(
+            i,
+            i + maximumNumberOfSymbolsPerRequest
+          );
+
+          const promise = Promise.resolve(
+            dataProvider.getQuotes({ requestTimeout, symbols: symbolsChunk })
+          );
+
+          promises.push(
+            promise.then(async (result) => {
+              for (const [symbol, dataProviderResponse] of Object.entries(
+                result
+              )) {
+                dataProviderResponse.dataSource = 'GHOSTFOLIO';
+
+                if (
+                  [
+                    ...DERIVED_CURRENCIES.map(({ currency }) => {
+                      return `${DEFAULT_CURRENCY}${currency}`;
+                    }),
+                    `${DEFAULT_CURRENCY}USX`
+                  ].includes(symbol)
+                ) {
+                  continue;
+                }
+
+                results.quotes[symbol] = dataProviderResponse;
+
+                for (const {
+                  currency,
+                  factor,
+                  rootCurrency
+                } of DERIVED_CURRENCIES) {
+                  if (symbol === `${DEFAULT_CURRENCY}${rootCurrency}`) {
+                    results.quotes[`${DEFAULT_CURRENCY}${currency}`] = {
+                      ...dataProviderResponse,
+                      currency,
+                      marketPrice: new Big(
+                        result[`${DEFAULT_CURRENCY}${rootCurrency}`].marketPrice
+                      )
+                        .mul(factor)
+                        .toNumber(),
+                      marketState: 'open'
+                    };
+                  }
+                }
+              }
+            })
+          );
+        }
+
+        await Promise.all(promises);
+      }
+
+      return results;
+    } catch (error) {
+      Logger.error(error, 'GhostfolioService');
+
+      throw error;
+    }
+  }
+
+  public async getStatus({ user }: { user: UserWithSettings }) {
+    return {
+      dailyRequests: user.dataProviderGhostfolioDailyRequests,
+      dailyRequestsMax: await this.getMaxDailyRequests(),
+      subscription: user.subscription
+    };
+  }
+
+  public async incrementDailyRequests({ userId }: { userId: string }) {
+    await this.prismaService.analytics.update({
+      data: {
+        dataProviderGhostfolioDailyRequests: { increment: 1 }
+      },
+      where: { userId }
+    });
+  }
+
+  public async lookup({
+    includeIndices = false,
+    query
+  }: GetSearchParams): Promise<LookupResponse> {
+    const results: LookupResponse = { items: [] };
+
+    if (!query) {
+      return results;
+    }
+
+    try {
+      let lookupItems: LookupItem[] = [];
+      const promises: Promise<{ items: LookupItem[] }>[] = [];
+
+      if (query?.length < 2) {
+        return { items: lookupItems };
+      }
+
+      for (const dataProviderService of this.getDataProviderServices()) {
+        promises.push(
+          dataProviderService.search({
+            includeIndices,
+            query
+          })
+        );
+      }
+
+      const searchResults = await Promise.all(promises);
+
+      for (const { items } of searchResults) {
+        if (items?.length > 0) {
+          lookupItems = lookupItems.concat(items);
+        }
+      }
+
+      const filteredItems = lookupItems
+        .filter(({ currency }) => {
+          // Only allow symbols with supported currency
+          return currency ? true : false;
+        })
+        .sort(({ name: name1 }, { name: name2 }) => {
+          return name1?.toLowerCase().localeCompare(name2?.toLowerCase());
+        })
+        .map((lookupItem) => {
+          lookupItem.dataProviderInfo = this.getDataProviderInfo();
+          lookupItem.dataSource = 'GHOSTFOLIO';
+
+          return lookupItem;
+        });
+
+      results.items = filteredItems;
+      return results;
+    } catch (error) {
+      Logger.error(error, 'GhostfolioService');
+
+      throw error;
+    }
+  }
+
+  private getDataProviderInfo(): DataProviderInfo {
+    return {
+      isPremium: false,
+      name: 'Ghostfolio Premium',
+      url: 'https://ghostfol.io'
+    };
+  }
+
+  private getDataProviderServices() {
+    return this.configurationService
+      .get('DATA_SOURCES_GHOSTFOLIO_DATA_PROVIDER')
+      .map((dataSource) => {
+        return this.dataProviderService.getDataProvider(DataSource[dataSource]);
+      });
+  }
+}
--- a/apps/api/src/app/endpoints/market-data/market-data.controller.ts
+++ b/apps/api/src/app/endpoints/market-data/market-data.controller.ts
@ -0,0 +1,137 @@
+import { AdminService } from '@ghostfolio/api/app/admin/admin.service';
+import { MarketDataService } from '@ghostfolio/api/services/market-data/market-data.service';
+import { SymbolProfileService } from '@ghostfolio/api/services/symbol-profile/symbol-profile.service';
+import { getCurrencyFromSymbol, isCurrency } from '@ghostfolio/common/helper';
+import { MarketDataDetailsResponse } from '@ghostfolio/common/interfaces';
+import { hasPermission, permissions } from '@ghostfolio/common/permissions';
+import { RequestWithUser } from '@ghostfolio/common/types';
+
+import {
+  Body,
+  Controller,
+  Get,
+  HttpException,
+  Inject,
+  Param,
+  Post,
+  UseGuards
+} from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
+import { AuthGuard } from '@nestjs/passport';
+import { DataSource, Prisma } from '@prisma/client';
+import { parseISO } from 'date-fns';
+import { getReasonPhrase, StatusCodes } from 'http-status-codes';
+
+import { UpdateBulkMarketDataDto } from './update-bulk-market-data.dto';
+
+@Controller('market-data')
+export class MarketDataController {
+  public constructor(
+    private readonly adminService: AdminService,
+    private readonly marketDataService: MarketDataService,
+    @Inject(REQUEST) private readonly request: RequestWithUser,
+    private readonly symbolProfileService: SymbolProfileService
+  ) {}
+
+  @Get(':dataSource/:symbol')
+  @UseGuards(AuthGuard('jwt'))
+  public async getMarketDataBySymbol(
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ): Promise<MarketDataDetailsResponse> {
+    const [assetProfile] = await this.symbolProfileService.getSymbolProfiles([
+      { dataSource, symbol }
+    ]);
+
+    if (!assetProfile && !isCurrency(getCurrencyFromSymbol(symbol))) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.NOT_FOUND),
+        StatusCodes.NOT_FOUND
+      );
+    }
+
+    const canReadAllAssetProfiles = hasPermission(
+      this.request.user.permissions,
+      permissions.readMarketData
+    );
+
+    const canReadOwnAssetProfile =
+      assetProfile?.userId === this.request.user.id &&
+      hasPermission(
+        this.request.user.permissions,
+        permissions.readMarketDataOfOwnAssetProfile
+      );
+
+    if (!canReadAllAssetProfiles && !canReadOwnAssetProfile) {
+      throw new HttpException(
+        assetProfile.userId
+          ? getReasonPhrase(StatusCodes.NOT_FOUND)
+          : getReasonPhrase(StatusCodes.FORBIDDEN),
+        assetProfile.userId ? StatusCodes.NOT_FOUND : StatusCodes.FORBIDDEN
+      );
+    }
+
+    return this.adminService.getMarketDataBySymbol({ dataSource, symbol });
+  }
+
+  @Post(':dataSource/:symbol')
+  @UseGuards(AuthGuard('jwt'))
+  public async updateMarketData(
+    @Body() data: UpdateBulkMarketDataDto,
+    @Param('dataSource') dataSource: DataSource,
+    @Param('symbol') symbol: string
+  ) {
+    const [assetProfile] = await this.symbolProfileService.getSymbolProfiles([
+      { dataSource, symbol }
+    ]);
+
+    if (!assetProfile) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.NOT_FOUND),
+        StatusCodes.NOT_FOUND
+      );
+    }
+
+    const canUpsertAllAssetProfiles =
+      hasPermission(
+        this.request.user.permissions,
+        permissions.createMarketData
+      ) &&
+      hasPermission(
+        this.request.user.permissions,
+        permissions.updateMarketData
+      );
+
+    const canUpsertOwnAssetProfile =
+      assetProfile.userId === this.request.user.id &&
+      hasPermission(
+        this.request.user.permissions,
+        permissions.createMarketDataOfOwnAssetProfile
+      ) &&
+      hasPermission(
+        this.request.user.permissions,
+        permissions.updateMarketDataOfOwnAssetProfile
+      );
+
+    if (!canUpsertAllAssetProfiles && !canUpsertOwnAssetProfile) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.FORBIDDEN),
+        StatusCodes.FORBIDDEN
+      );
+    }
+
+    const dataBulkUpdate: Prisma.MarketDataUpdateInput[] = data.marketData.map(
+      ({ date, marketPrice }) => ({
+        dataSource,
+        marketPrice,
+        symbol,
+        date: parseISO(date),
+        state: 'CLOSE'
+      })
+    );
+
+    return this.marketDataService.updateMany({
+      data: dataBulkUpdate
+    });
+  }
+}
--- a/apps/api/src/app/endpoints/market-data/market-data.module.ts
+++ b/apps/api/src/app/endpoints/market-data/market-data.module.ts
@ -0,0 +1,13 @@
+import { AdminModule } from '@ghostfolio/api/app/admin/admin.module';
+import { MarketDataModule as MarketDataServiceModule } from '@ghostfolio/api/services/market-data/market-data.module';
+import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+
+import { Module } from '@nestjs/common';
+
+import { MarketDataController } from './market-data.controller';
+
+@Module({
+  controllers: [MarketDataController],
+  imports: [AdminModule, MarketDataServiceModule, SymbolProfileModule]
+})
+export class MarketDataModule {}
--- a/apps/api/src/app/endpoints/market-data/update-bulk-market-data.dto.ts
+++ b/apps/api/src/app/endpoints/market-data/update-bulk-market-data.dto.ts
@ -0,0 +1,24 @@
+import { Type } from 'class-transformer';
+import {
+  ArrayNotEmpty,
+  IsArray,
+  IsISO8601,
+  IsNumber,
+  IsOptional
+} from 'class-validator';
+
+export class UpdateBulkMarketDataDto {
+  @ArrayNotEmpty()
+  @IsArray()
+  @Type(() => UpdateMarketDataDto)
+  marketData: UpdateMarketDataDto[];
+}
+
+class UpdateMarketDataDto {
+  @IsISO8601()
+  @IsOptional()
+  date?: string;
+
+  @IsNumber()
+  marketPrice: number;
+}
--- a/apps/api/src/app/endpoints/public/public.controller.ts
+++ b/apps/api/src/app/endpoints/public/public.controller.ts
@ -0,0 +1,140 @@
+import { AccessService } from '@ghostfolio/api/app/access/access.service';
+import { PortfolioService } from '@ghostfolio/api/app/portfolio/portfolio.service';
+import { UserService } from '@ghostfolio/api/app/user/user.service';
+import { TransformDataSourceInResponseInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-response/transform-data-source-in-response.interceptor';
+import { ConfigurationService } from '@ghostfolio/api/services/configuration/configuration.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+import { DEFAULT_CURRENCY } from '@ghostfolio/common/config';
+import { getSum } from '@ghostfolio/common/helper';
+import { PublicPortfolioResponse } from '@ghostfolio/common/interfaces';
+import type { RequestWithUser } from '@ghostfolio/common/types';
+
+import {
+  Controller,
+  Get,
+  HttpException,
+  Inject,
+  Param,
+  UseInterceptors
+} from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
+import { Big } from 'big.js';
+import { StatusCodes, getReasonPhrase } from 'http-status-codes';
+
+@Controller('public')
+export class PublicController {
+  public constructor(
+    private readonly accessService: AccessService,
+    private readonly configurationService: ConfigurationService,
+    private readonly exchangeRateDataService: ExchangeRateDataService,
+    private readonly portfolioService: PortfolioService,
+    @Inject(REQUEST) private readonly request: RequestWithUser,
+    private readonly userService: UserService
+  ) {}
+
+  @Get(':accessId/portfolio')
+  @UseInterceptors(TransformDataSourceInResponseInterceptor)
+  public async getPublicPortfolio(
+    @Param('accessId') accessId
+  ): Promise<PublicPortfolioResponse> {
+    const access = await this.accessService.access({ id: accessId });
+
+    if (!access) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.NOT_FOUND),
+        StatusCodes.NOT_FOUND
+      );
+    }
+
+    let hasDetails = true;
+
+    const user = await this.userService.user({
+      id: access.userId
+    });
+
+    if (this.configurationService.get('ENABLE_FEATURE_SUBSCRIPTION')) {
+      hasDetails = user.subscription.type === 'Premium';
+    }
+
+    const [
+      { createdAt, holdings, markets },
+      { performance: performance1d },
+      { performance: performanceMax },
+      { performance: performanceYtd }
+    ] = await Promise.all([
+      this.portfolioService.getDetails({
+        impersonationId: access.userId,
+        userId: user.id,
+        withMarkets: true
+      }),
+      ...['1d', 'max', 'ytd'].map((dateRange) => {
+        return this.portfolioService.getPerformance({
+          dateRange,
+          impersonationId: undefined,
+          userId: user.id
+        });
+      })
+    ]);
+
+    Object.values(markets ?? {}).forEach((market) => {
+      delete market.valueInBaseCurrency;
+    });
+
+    const publicPortfolioResponse: PublicPortfolioResponse = {
+      createdAt,
+      hasDetails,
+      markets,
+      alias: access.alias,
+      holdings: {},
+      performance: {
+        '1d': {
+          relativeChange:
+            performance1d.netPerformancePercentageWithCurrencyEffect
+        },
+        max: {
+          relativeChange:
+            performanceMax.netPerformancePercentageWithCurrencyEffect
+        },
+        ytd: {
+          relativeChange:
+            performanceYtd.netPerformancePercentageWithCurrencyEffect
+        }
+      }
+    };
+
+    const totalValue = getSum(
+      Object.values(holdings).map(({ currency, marketPrice, quantity }) => {
+        return new Big(
+          this.exchangeRateDataService.toCurrency(
+            quantity * marketPrice,
+            currency,
+            this.request.user?.Settings?.settings.baseCurrency ??
+              DEFAULT_CURRENCY
+          )
+        );
+      })
+    ).toNumber();
+
+    for (const [symbol, portfolioPosition] of Object.entries(holdings)) {
+      publicPortfolioResponse.holdings[symbol] = {
+        allocationInPercentage:
+          portfolioPosition.valueInBaseCurrency / totalValue,
+        assetClass: hasDetails ? portfolioPosition.assetClass : undefined,
+        countries: hasDetails ? portfolioPosition.countries : [],
+        currency: hasDetails ? portfolioPosition.currency : undefined,
+        dataSource: portfolioPosition.dataSource,
+        dateOfFirstActivity: portfolioPosition.dateOfFirstActivity,
+        markets: hasDetails ? portfolioPosition.markets : undefined,
+        name: portfolioPosition.name,
+        netPerformancePercentWithCurrencyEffect:
+          portfolioPosition.netPerformancePercentWithCurrencyEffect,
+        sectors: hasDetails ? portfolioPosition.sectors : [],
+        symbol: portfolioPosition.symbol,
+        url: portfolioPosition.url,
+        valueInPercentage: portfolioPosition.valueInBaseCurrency / totalValue
+      };
+    }
+
+    return publicPortfolioResponse;
+  }
+}
--- a/apps/api/src/app/endpoints/public/public.module.ts
+++ b/apps/api/src/app/endpoints/public/public.module.ts
@ -0,0 +1,49 @@
+import { AccessModule } from '@ghostfolio/api/app/access/access.module';
+import { AccountBalanceService } from '@ghostfolio/api/app/account-balance/account-balance.service';
+import { AccountService } from '@ghostfolio/api/app/account/account.service';
+import { OrderModule } from '@ghostfolio/api/app/order/order.module';
+import { PortfolioCalculatorFactory } from '@ghostfolio/api/app/portfolio/calculator/portfolio-calculator.factory';
+import { CurrentRateService } from '@ghostfolio/api/app/portfolio/current-rate.service';
+import { PortfolioService } from '@ghostfolio/api/app/portfolio/portfolio.service';
+import { RulesService } from '@ghostfolio/api/app/portfolio/rules.service';
+import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
+import { UserModule } from '@ghostfolio/api/app/user/user.module';
+import { TransformDataSourceInRequestModule } from '@ghostfolio/api/interceptors/transform-data-source-in-request/transform-data-source-in-request.module';
+import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
+import { ImpersonationModule } from '@ghostfolio/api/services/impersonation/impersonation.module';
+import { MarketDataModule } from '@ghostfolio/api/services/market-data/market-data.module';
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+import { PortfolioSnapshotQueueModule } from '@ghostfolio/api/services/queues/portfolio-snapshot/portfolio-snapshot.module';
+import { SymbolProfileModule } from '@ghostfolio/api/services/symbol-profile/symbol-profile.module';
+
+import { Module } from '@nestjs/common';
+
+import { PublicController } from './public.controller';
+
+@Module({
+  controllers: [PublicController],
+  imports: [
+    AccessModule,
+    DataProviderModule,
+    ExchangeRateDataModule,
+    ImpersonationModule,
+    MarketDataModule,
+    OrderModule,
+    PortfolioSnapshotQueueModule,
+    PrismaModule,
+    RedisCacheModule,
+    SymbolProfileModule,
+    TransformDataSourceInRequestModule,
+    UserModule
+  ],
+  providers: [
+    AccountBalanceService,
+    AccountService,
+    CurrentRateService,
+    PortfolioCalculatorFactory,
+    PortfolioService,
+    RulesService
+  ]
+})
+export class PublicModule {}
--- a/apps/api/src/app/endpoints/tags/create-tag.dto.ts
+++ b/apps/api/src/app/endpoints/tags/create-tag.dto.ts
@ -0,0 +1,10 @@
+import { IsOptional, IsString } from 'class-validator';
+
+export class CreateTagDto {
+  @IsString()
+  name: string;
+
+  @IsOptional()
+  @IsString()
+  userId?: string;
+}
--- a/apps/api/src/app/endpoints/tags/tags.controller.ts
+++ b/apps/api/src/app/endpoints/tags/tags.controller.ts
@ -0,0 +1,115 @@
+import { HasPermission } from '@ghostfolio/api/decorators/has-permission.decorator';
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { TagService } from '@ghostfolio/api/services/tag/tag.service';
+import { hasPermission, permissions } from '@ghostfolio/common/permissions';
+import { RequestWithUser } from '@ghostfolio/common/types';
+
+import {
+  Body,
+  Controller,
+  Delete,
+  Get,
+  HttpException,
+  Inject,
+  Param,
+  Post,
+  Put,
+  UseGuards
+} from '@nestjs/common';
+import { REQUEST } from '@nestjs/core';
+import { AuthGuard } from '@nestjs/passport';
+import { Tag } from '@prisma/client';
+import { StatusCodes, getReasonPhrase } from 'http-status-codes';
+
+import { CreateTagDto } from './create-tag.dto';
+import { UpdateTagDto } from './update-tag.dto';
+
+@Controller('tags')
+export class TagsController {
+  public constructor(
+    @Inject(REQUEST) private readonly request: RequestWithUser,
+    private readonly tagService: TagService
+  ) {}
+
+  @Post()
+  @UseGuards(AuthGuard('jwt'))
+  public async createTag(@Body() data: CreateTagDto): Promise<Tag> {
+    const canCreateOwnTag = hasPermission(
+      this.request.user.permissions,
+      permissions.createOwnTag
+    );
+
+    const canCreateTag = hasPermission(
+      this.request.user.permissions,
+      permissions.createTag
+    );
+
+    if (!canCreateOwnTag && !canCreateTag) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.FORBIDDEN),
+        StatusCodes.FORBIDDEN
+      );
+    }
+
+    if (canCreateOwnTag && !canCreateTag) {
+      if (data.userId !== this.request.user.id) {
+        throw new HttpException(
+          getReasonPhrase(StatusCodes.BAD_REQUEST),
+          StatusCodes.BAD_REQUEST
+        );
+      }
+    }
+
+    return this.tagService.createTag(data);
+  }
+
+  @Delete(':id')
+  @HasPermission(permissions.deleteTag)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async deleteTag(@Param('id') id: string) {
+    const originalTag = await this.tagService.getTag({
+      id
+    });
+
+    if (!originalTag) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.FORBIDDEN),
+        StatusCodes.FORBIDDEN
+      );
+    }
+
+    return this.tagService.deleteTag({ id });
+  }
+
+  @Get()
+  @HasPermission(permissions.readTags)
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async getTags() {
+    return this.tagService.getTagsWithActivityCount();
+  }
+
+  @HasPermission(permissions.updateTag)
+  @Put(':id')
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
+  public async updateTag(@Param('id') id: string, @Body() data: UpdateTagDto) {
+    const originalTag = await this.tagService.getTag({
+      id
+    });
+
+    if (!originalTag) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.FORBIDDEN),
+        StatusCodes.FORBIDDEN
+      );
+    }
+
+    return this.tagService.updateTag({
+      data: {
+        ...data
+      },
+      where: {
+        id
+      }
+    });
+  }
+}
--- a/apps/api/src/app/endpoints/tags/tags.module.ts
+++ b/apps/api/src/app/endpoints/tags/tags.module.ts
@ -0,0 +1,12 @@
+import { PrismaModule } from '@ghostfolio/api/services/prisma/prisma.module';
+import { TagModule } from '@ghostfolio/api/services/tag/tag.module';
+
+import { Module } from '@nestjs/common';
+
+import { TagsController } from './tags.controller';
+
+@Module({
+  controllers: [TagsController],
+  imports: [PrismaModule, TagModule]
+})
+export class TagsModule {}
--- a/apps/api/src/app/endpoints/tags/update-tag.dto.ts
+++ b/apps/api/src/app/endpoints/tags/update-tag.dto.ts
@ -0,0 +1,13 @@
+import { IsOptional, IsString } from 'class-validator';
+
+export class UpdateTagDto {
+  @IsString()
+  id: string;
+
+  @IsString()
+  name: string;
+
+  @IsOptional()
+  @IsString()
+  userId?: string;
+}
--- a/apps/api/src/app/exchange-rate/exchange-rate.controller.ts
+++ b/apps/api/src/app/exchange-rate/exchange-rate.controller.ts
@ -1,4 +1,6 @@
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
 import { IDataProviderHistoricalResponse } from '@ghostfolio/api/services/interfaces/interfaces';
+
 import {
  Controller,
  Get,
@ -7,6 +9,7 @@ import {
  UseGuards
 } from '@nestjs/common';
 import { AuthGuard } from '@nestjs/passport';
+import { parseISO } from 'date-fns';
 import { StatusCodes, getReasonPhrase } from 'http-status-codes';

 import { ExchangeRateService } from './exchange-rate.service';
@ -18,12 +21,12 @@ export class ExchangeRateController {
  ) {}

  @Get(':symbol/:dateString')
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async getExchangeRate(
    @Param('dateString') dateString: string,
    @Param('symbol') symbol: string
  ): Promise<IDataProviderHistoricalResponse> {
-    const date = new Date(dateString);
+    const date = parseISO(dateString);

    const exchangeRate = await this.exchangeRateService.getExchangeRate({
      date,
--- a/apps/api/src/app/exchange-rate/exchange-rate.module.ts
+++ b/apps/api/src/app/exchange-rate/exchange-rate.module.ts
@ -1,4 +1,5 @@
-import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data.module';
+import { ExchangeRateDataModule } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.module';
+
 import { Module } from '@nestjs/common';

 import { ExchangeRateController } from './exchange-rate.controller';
--- a/apps/api/src/app/exchange-rate/exchange-rate.service.ts
+++ b/apps/api/src/app/exchange-rate/exchange-rate.service.ts
@ -1,4 +1,5 @@
-import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data.service';
+import { ExchangeRateDataService } from '@ghostfolio/api/services/exchange-rate-data/exchange-rate-data.service';
+
 import { Injectable } from '@nestjs/common';

@Injectable()
--- a/apps/api/src/app/export/export.controller.ts
+++ b/apps/api/src/app/export/export.controller.ts
@ -1,5 +1,8 @@
+import { HasPermissionGuard } from '@ghostfolio/api/guards/has-permission.guard';
+import { ApiService } from '@ghostfolio/api/services/api/api.service';
 import { Export } from '@ghostfolio/common/interfaces';
 import type { RequestWithUser } from '@ghostfolio/common/types';
+
 import { Controller, Get, Inject, Query, UseGuards } from '@nestjs/common';
 import { REQUEST } from '@nestjs/core';
 import { AuthGuard } from '@nestjs/passport';
@ -9,17 +12,29 @@ import { ExportService } from './export.service';
@Controller('export')
 export class ExportController {
  public constructor(
+    private readonly apiService: ApiService,
    private readonly exportService: ExportService,
    @Inject(REQUEST) private readonly request: RequestWithUser
  ) {}

  @Get()
-  @UseGuards(AuthGuard('jwt'))
+  @UseGuards(AuthGuard('jwt'), HasPermissionGuard)
  public async export(
-    @Query('activityIds') activityIds?: string[]
+    @Query('accounts') filterByAccounts?: string,
+    @Query('activityIds') activityIds?: string[],
+    @Query('assetClasses') filterByAssetClasses?: string,
+    @Query('tags') filterByTags?: string
  ): Promise<Export> {
+    const filters = this.apiService.buildFiltersFromQueryParams({
+      filterByAccounts,
+      filterByAssetClasses,
+      filterByTags
+    });
+
    return this.exportService.export({
      activityIds,
+      filters,
+      userCurrency: this.request.user.Settings.settings.baseCurrency,
      userId: this.request.user.id
    });
  }
--- a/apps/api/src/app/export/export.module.ts
+++ b/apps/api/src/app/export/export.module.ts
@ -1,21 +1,15 @@
-import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
-import { ConfigurationModule } from '@ghostfolio/api/services/configuration.module';
-import { DataGatheringModule } from '@ghostfolio/api/services/data-gathering.module';
-import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
-import { PrismaModule } from '@ghostfolio/api/services/prisma.module';
+import { AccountModule } from '@ghostfolio/api/app/account/account.module';
+import { OrderModule } from '@ghostfolio/api/app/order/order.module';
+import { ApiModule } from '@ghostfolio/api/services/api/api.module';
+import { TagModule } from '@ghostfolio/api/services/tag/tag.module';
+
 import { Module } from '@nestjs/common';

 import { ExportController } from './export.controller';
 import { ExportService } from './export.service';

@Module({
-  imports: [
-    ConfigurationModule,
-    DataGatheringModule,
-    DataProviderModule,
-    PrismaModule,
-    RedisCacheModule
-  ],
+  imports: [AccountModule, ApiModule, OrderModule, TagModule],
  controllers: [ExportController],
  providers: [ExportService]
 })
--- a/apps/api/src/app/export/export.service.ts
+++ b/apps/api/src/app/export/export.service.ts
@ -1,49 +1,78 @@
+import { AccountService } from '@ghostfolio/api/app/account/account.service';
+import { OrderService } from '@ghostfolio/api/app/order/order.service';
 import { environment } from '@ghostfolio/api/environments/environment';
-import { PrismaService } from '@ghostfolio/api/services/prisma.service';
-import { Export } from '@ghostfolio/common/interfaces';
+import { TagService } from '@ghostfolio/api/services/tag/tag.service';
+import { Filter, Export } from '@ghostfolio/common/interfaces';
+
 import { Injectable } from '@nestjs/common';
+import { Platform } from '@prisma/client';

@Injectable()
 export class ExportService {
-  public constructor(private readonly prismaService: PrismaService) {}
+  public constructor(
+    private readonly accountService: AccountService,
+    private readonly orderService: OrderService,
+    private readonly tagService: TagService
+  ) {}

  public async export({
    activityIds,
+    filters,
+    userCurrency,
    userId
  }: {
    activityIds?: string[];
+    filters?: Filter[];
+    userCurrency: string;
    userId: string;
  }): Promise<Export> {
-    const accounts = await this.prismaService.account.findMany({
-      orderBy: {
-        name: 'asc'
-      },
-      select: {
-        accountType: true,
-        balance: true,
-        currency: true,
-        id: true,
-        isExcluded: true,
-        name: true,
-        platformId: true
-      },
-      where: { userId }
-    });
+    const platformsMap: { [platformId: string]: Platform } = {};

-    let activities = await this.prismaService.order.findMany({
-      orderBy: { date: 'desc' },
-      select: {
-        accountId: true,
-        comment: true,
-        date: true,
-        fee: true,
-        id: true,
-        quantity: true,
-        SymbolProfile: true,
-        type: true,
-        unitPrice: true
-      },
-      where: { userId }
+    const accounts = (
+      await this.accountService.accounts({
+        include: {
+          Platform: true
+        },
+        orderBy: {
+          name: 'asc'
+        },
+        where: { userId }
+      })
+    ).map(
+      ({
+        balance,
+        comment,
+        currency,
+        id,
+        isExcluded,
+        name,
+        Platform: platform,
+        platformId
+      }) => {
+        if (platformId) {
+          platformsMap[platformId] = platform;
+        }
+
+        return {
+          balance,
+          comment,
+          currency,
+          id,
+          isExcluded,
+          name,
+          platformId
+        };
+      }
+    );
+
+    let { activities } = await this.orderService.getOrders({
+      filters,
+      userCurrency,
+      userId,
+      includeDrafts: true,
+      sortColumn: 'date',
+      sortDirection: 'asc',
+      withExcludedAccounts: true
    });

    if (activityIds) {
@ -52,9 +81,22 @@ export class ExportService {
      });
    }

+    const tags = (await this.tagService.getTagsForUser(userId))
+      .filter(({ isUsed }) => {
+        return isUsed;
+      })
+      .map(({ id, name }) => {
+        return {
+          id,
+          name
+        };
+      });
+
    return {
      meta: { date: new Date().toISOString(), version: environment.version },
      accounts,
+      platforms: Object.values(platformsMap),
+      tags,
      activities: activities.map(
        ({
          accountId,
@ -64,6 +106,7 @@ export class ExportService {
          id,
          quantity,
          SymbolProfile,
+          tags: currentTags,
          type,
          unitPrice
        }) => {
@ -78,10 +121,18 @@ export class ExportService {
            currency: SymbolProfile.currency,
            dataSource: SymbolProfile.dataSource,
            date: date.toISOString(),
-            symbol: type === 'ITEM' ? SymbolProfile.name : SymbolProfile.symbol
+            symbol: ['FEE', 'INTEREST', 'ITEM', 'LIABILITY'].includes(type)
+              ? SymbolProfile.name
+              : SymbolProfile.symbol,
+            tags: currentTags.map(({ id: tagId }) => {
+              return tagId;
+            })
          };
        }
-      )
+      ),
+      user: {
+        settings: { currency: userCurrency }
+      }
    };
  }
 }
--- a/apps/api/src/app/frontend.middleware.ts
+++ b/apps/api/src/app/frontend.middleware.ts
@ -1,205 +0,0 @@
-import * as fs from 'fs';
-import * as path from 'path';
-
-import { environment } from '@ghostfolio/api/environments/environment';
-import { ConfigurationService } from '@ghostfolio/api/services/configuration.service';
-import { DEFAULT_LANGUAGE_CODE } from '@ghostfolio/common/config';
-import { DATE_FORMAT } from '@ghostfolio/common/helper';
-import { Injectable, NestMiddleware } from '@nestjs/common';
-import { format } from 'date-fns';
-import { NextFunction, Request, Response } from 'express';
-
-@Injectable()
-export class FrontendMiddleware implements NestMiddleware {
-  public indexHtmlDe = '';
-  public indexHtmlEn = '';
-  public indexHtmlEs = '';
-  public indexHtmlFr = '';
-  public indexHtmlIt = '';
-  public indexHtmlNl = '';
-  public indexHtmlPt = '';
-
-  public constructor(
-    private readonly configurationService: ConfigurationService
-  ) {
-    try {
-      this.indexHtmlDe = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('de'),
-        'utf8'
-      );
-      this.indexHtmlEn = fs.readFileSync(
-        this.getPathOfIndexHtmlFile(DEFAULT_LANGUAGE_CODE),
-        'utf8'
-      );
-      this.indexHtmlEs = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('es'),
-        'utf8'
-      );
-      this.indexHtmlFr = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('fr'),
-        'utf8'
-      );
-      this.indexHtmlIt = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('it'),
-        'utf8'
-      );
-      this.indexHtmlNl = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('nl'),
-        'utf8'
-      );
-      this.indexHtmlPt = fs.readFileSync(
-        this.getPathOfIndexHtmlFile('pt'),
-        'utf8'
-      );
-    } catch {}
-  }
-
-  public use(request: Request, response: Response, next: NextFunction) {
-    const currentDate = format(new Date(), DATE_FORMAT);
-    let featureGraphicPath = 'assets/cover.png';
-    let title = 'Ghostfolio – Open Source Wealth Management Software';
-
-    if (request.path.startsWith('/en/blog/2022/08/500-stars-on-github')) {
-      featureGraphicPath = 'assets/images/blog/500-stars-on-github.jpg';
-      title = `500 Stars - ${title}`;
-    } else if (request.path.startsWith('/en/blog/2022/10/hacktoberfest-2022')) {
-      featureGraphicPath = 'assets/images/blog/hacktoberfest-2022.png';
-      title = `Hacktoberfest 2022 - ${title}`;
-    } else if (request.path.startsWith('/en/blog/2022/11/black-friday-2022')) {
-      featureGraphicPath = 'assets/images/blog/black-friday-2022.jpg';
-      title = `Black Friday 2022 - ${title}`;
-    } else if (
-      request.path.startsWith(
-        '/en/blog/2022/12/the-importance-of-tracking-your-personal-finances'
-      )
-    ) {
-      featureGraphicPath = 'assets/images/blog/20221226.jpg';
-      title = `The importance of tracking your personal finances - ${title}`;
-    } else if (
-      request.path.startsWith(
-        '/de/blog/2023/01/ghostfolio-auf-sackgeld-vorgestellt'
-      )
-    ) {
-      featureGraphicPath = 'assets/images/blog/ghostfolio-x-sackgeld.png';
-      title = `Ghostfolio auf Sackgeld.com vorgestellt - ${title}`;
-    } else if (
-      request.path.startsWith('/en/blog/2023/02/ghostfolio-meets-umbrel')
-    ) {
-      featureGraphicPath = 'assets/images/blog/ghostfolio-x-umbrel.png';
-      title = `Ghostfolio meets Umbrel - ${title}`;
-    } else if (
-      request.path.startsWith(
-        '/en/blog/2023/03/ghostfolio-reaches-1000-stars-on-github'
-      )
-    ) {
-      featureGraphicPath = 'assets/images/blog/1000-stars-on-github.jpg';
-      title = `Ghostfolio reaches 1’000 Stars on GitHub - ${title}`;
-    }
-
-    if (
-      request.path.startsWith('/api/') ||
-      this.isFileRequest(request.url) ||
-      !environment.production
-    ) {
-      // Skip
-      next();
-    } else if (request.path === '/de' || request.path.startsWith('/de/')) {
-      response.send(
-        this.interpolate(this.indexHtmlDe, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          languageCode: 'de',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/es' || request.path.startsWith('/es/')) {
-      response.send(
-        this.interpolate(this.indexHtmlEs, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          languageCode: 'es',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/fr' || request.path.startsWith('/fr/')) {
-      response.send(
-        this.interpolate(this.indexHtmlFr, {
-          featureGraphicPath,
-          languageCode: 'fr',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/it' || request.path.startsWith('/it/')) {
-      response.send(
-        this.interpolate(this.indexHtmlIt, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          languageCode: 'it',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/nl' || request.path.startsWith('/nl/')) {
-      response.send(
-        this.interpolate(this.indexHtmlNl, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          languageCode: 'nl',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else if (request.path === '/pt' || request.path.startsWith('/pt/')) {
-      response.send(
-        this.interpolate(this.indexHtmlPt, {
-          featureGraphicPath,
-          languageCode: 'pt',
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    } else {
-      response.send(
-        this.interpolate(this.indexHtmlEn, {
-          currentDate,
-          featureGraphicPath,
-          title,
-          languageCode: DEFAULT_LANGUAGE_CODE,
-          path: request.path,
-          rootUrl: this.configurationService.get('ROOT_URL')
-        })
-      );
-    }
-  }
-
-  private getPathOfIndexHtmlFile(aLocale: string) {
-    return path.join(__dirname, '..', 'client', aLocale, 'index.html');
-  }
-
-  private interpolate(template: string, context: any) {
-    return template.replace(/[$]{([^}]+)}/g, (_, objectPath) => {
-      const properties = objectPath.split('.');
-      return properties.reduce(
-        (previous, current) => previous?.[current],
-        context
-      );
-    });
-  }
-
-  private isFileRequest(filename: string) {
-    if (filename === '/assets/LICENSE') {
-      return true;
-    } else if (filename.includes('auth/ey')) {
-      return false;
-    }
-
-    return filename.split('.').pop() !== filename;
-  }
-}
--- a/apps/api/src/app/health/health.controller.ts
+++ b/apps/api/src/app/health/health.controller.ts
@ -0,0 +1,74 @@
+import { TransformDataSourceInRequestInterceptor } from '@ghostfolio/api/interceptors/transform-data-source-in-request/transform-data-source-in-request.interceptor';
+
+import {
+  Controller,
+  Get,
+  HttpException,
+  HttpStatus,
+  Param,
+  Res,
+  UseInterceptors
+} from '@nestjs/common';
+import { DataSource } from '@prisma/client';
+import { Response } from 'express';
+import { StatusCodes, getReasonPhrase } from 'http-status-codes';
+
+import { HealthService } from './health.service';
+
+@Controller('health')
+export class HealthController {
+  public constructor(private readonly healthService: HealthService) {}
+
+  @Get()
+  public async getHealth(@Res() response: Response) {
+    const databaseServiceHealthy = await this.healthService.isDatabaseHealthy();
+    const redisCacheServiceHealthy =
+      await this.healthService.isRedisCacheHealthy();
+
+    if (databaseServiceHealthy && redisCacheServiceHealthy) {
+      return response
+        .status(HttpStatus.OK)
+        .json({ status: getReasonPhrase(StatusCodes.OK) });
+    } else {
+      return response
+        .status(HttpStatus.SERVICE_UNAVAILABLE)
+        .json({ status: getReasonPhrase(StatusCodes.SERVICE_UNAVAILABLE) });
+    }
+  }
+
+  @Get('data-enhancer/:name')
+  public async getHealthOfDataEnhancer(@Param('name') name: string) {
+    const hasResponse =
+      await this.healthService.hasResponseFromDataEnhancer(name);
+
+    if (hasResponse !== true) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.SERVICE_UNAVAILABLE),
+        StatusCodes.SERVICE_UNAVAILABLE
+      );
+    }
+  }
+
+  @Get('data-provider/:dataSource')
+  @UseInterceptors(TransformDataSourceInRequestInterceptor)
+  public async getHealthOfDataProvider(
+    @Param('dataSource') dataSource: DataSource
+  ) {
+    if (!DataSource[dataSource]) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.NOT_FOUND),
+        StatusCodes.NOT_FOUND
+      );
+    }
+
+    const hasResponse =
+      await this.healthService.hasResponseFromDataProvider(dataSource);
+
+    if (hasResponse !== true) {
+      throw new HttpException(
+        getReasonPhrase(StatusCodes.SERVICE_UNAVAILABLE),
+        StatusCodes.SERVICE_UNAVAILABLE
+      );
+    }
+  }
+}
--- a/apps/api/src/app/health/health.module.ts
+++ b/apps/api/src/app/health/health.module.ts
@ -0,0 +1,23 @@
+import { RedisCacheModule } from '@ghostfolio/api/app/redis-cache/redis-cache.module';
+import { TransformDataSourceInRequestModule } from '@ghostfolio/api/interceptors/transform-data-source-in-request/transform-data-source-in-request.module';
+import { DataEnhancerModule } from '@ghostfolio/api/services/data-provider/data-enhancer/data-enhancer.module';
+import { DataProviderModule } from '@ghostfolio/api/services/data-provider/data-provider.module';
+import { PropertyModule } from '@ghostfolio/api/services/property/property.module';
+
+import { Module } from '@nestjs/common';
+
+import { HealthController } from './health.controller';
+import { HealthService } from './health.service';
+
+@Module({
+  controllers: [HealthController],
+  imports: [
+    DataEnhancerModule,
+    DataProviderModule,
+    PropertyModule,
+    RedisCacheModule,
+    TransformDataSourceInRequestModule
+  ],
+  providers: [HealthService]
+})
+export class HealthModule {}
--- a/Show More
+++ b/Show More