❇️ [RTY-260035]: Link Management Enhancements (Custom Alias, Expiry, QR Code, Security) #35
Description
Introduce advanced link management features including custom aliases, expiration rules, QR code generation, and basic abuse protection.
Problem
The current implementation provides only minimal functionality for generating short URLs. Users have no control over link lifecycle or customization.
Proposed Solution
Extend link metadata and add management capabilities.
Scope of Work
- Custom Short URL Alias
Allow users to define their own short path.
Examples
domain.com/docs
domain.com/github
Validation rules
- Only alphanumeric characters and hyphens allowed
- Maximum length limit
- Reserved keywords blocked (admin, api, login)
- Expiring Links
Support expiration conditions:
- expiration date
- maximum click count
Example schema
{
shortId: "abc123",
destination: "https://example.com/",
expiresAt: "2026-06-01",
maxClicks: 100
}Redirect behavior
- If expired, show an "Expired Link" page.
- Password Protected Links
Optional password verification before redirect.
Flow
short URL → password form → verify → redirect
- QR Code Generation
Provide a QR code for every short link.
Example endpoint
GET /qr/{shortId}
Response
PNG or SVG QR image.
- Rate Limiting
Prevent abuse of link creation.
Example policy
- 50 links per hour per IP.
- Future Security Enhancements
- malicious URL detection
- spam detection
Tasks
- Extend link schema with metadata fields
- Implement custom alias validation
- Implement expiration logic in redirect flow
- Add password verification middleware
- Implement QR code generation endpoint
- Add rate limiting middleware
Acceptance Criteria
- Custom aliases can be created and validated.
- Expired links cannot redirect.
- Password-protected links require verification.
- QR codes are generated correctly.
- Rate limiting prevents excessive link creation.